urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.com Open in urlscan Pro
2606:4700:3031::ac43:8cd3  Public Scan

Go To Rescan Add Verdict Report
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Submission: On August 17 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 149 IPs in 20 countries across 133 domains to perform 688 HTTP transactions. The main IP is 2606:4700:3031::ac43:8cd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com.
TLS certificate: Issued by GTS CA 1P5 on June 22nd 2023. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 2606:4700:303... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.239.94.69 16509 (AMAZON-02)
1 10 2606:4700:10:... 13335 (CLOUDFLAR...)
6 192.0.77.2 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 3.66.201.159 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 185.86.138.121 201081 (SMARTADSE...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
6 103.132.192.30 138552 (RTBHOUSE-...)
7 147.75.84.158 54825 (PACKET)
14 2606:4700:10:... 13335 (CLOUDFLAR...)
6 185.64.189.112 62713 (AS-PUBMATIC)
10 108.156.64.218 16509 (AMAZON-02)
31 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 23.35.236.201 16625 (AKAMAI-AS)
2 67.202.105.23 32748 (STEADFAST)
2 6 198.47.127.19 3257 (GTT-BACKB...)
4 5 178.250.1.9 44788 (ASN-CRITE...)
2 4 67.220.224.144 16509 (AMAZON-02)
6 6 2620:116:800d... 16509 (AMAZON-02)
9 185.64.190.80 62713 (AS-PUBMATIC)
14 17 37.252.172.123 29990 (ASN-APPNEX)
11 185.64.191.210 62713 (AS-PUBMATIC)
4 6 52.71.238.40 14618 (AMAZON-AES)
3 4 85.114.159.118 24961 (MYLOC-AS ...)
9 10 151.101.2.49 54113 (FASTLY)
1 1 35.214.167.175 15169 (GOOGLE)
2 2 193.0.160.130 54312 (ROCKETFUEL)
7 8 52.17.146.181 16509 (AMAZON-02)
13 42 142.250.185.194 15169 (GOOGLE)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
2 6 185.86.138.151 201081 (SMARTADSE...)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.186.154.107 396982 (GOOGLE-CL...)
1 1 141.94.161.158 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 2 34.241.170.80 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
15 34.149.40.38 15169 (GOOGLE)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 34.111.131.239 396982 (GOOGLE-CL...)
5 7 54.157.243.229 14618 (AMAZON-AES)
9 11 37.157.2.234 198622 (ADFORM)
4 5 34.91.62.186 396982 (GOOGLE-CL...)
10 3.33.220.150 16509 (AMAZON-02)
7 2a05:d018:d29... 16509 (AMAZON-02)
5 3.71.149.231 16509 (AMAZON-02)
8 16 3.124.27.97 16509 (AMAZON-02)
1 1 141.95.32.71 16276 (OVH)
4 4 46.228.164.11 56396 (AMOBEE)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 98.98.134.241 21859 (ZEN-ECN)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 2a02:2638:d::2 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 23.213.161.138 20940 (AKAMAI-ASN1)
1 5 193.3.178.4 399668 (E-PLANNING-)
4 162.19.138.118 16276 (OVH)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 98.98.134.242 21859 (ZEN-ECN)
2 8.2.110.24 46636 (NATCOWEB)
3 35.227.252.103 15169 (GOOGLE)
2 193.3.178.1 399668 (E-PLANNING-)
12 193.3.178.3 399668 (E-PLANNING-)
3 3 52.4.169.33 14618 (AMAZON-AES)
2 69.166.1.66 27630 (AS-XFERNET)
2 2 44.205.87.2 14618 (AMAZON-AES)
6 6 104.64.126.246 16625 (AKAMAI-AS)
12 95.101.149.233 16625 (AKAMAI-AS)
3 17 185.80.39.216 27381 (CASALE-MEDIA)
2 205.234.175.175 23352 (SERVERCEN...)
5 51.89.9.252 16276 (OVH)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
1 178.250.1.11 44788 (ASN-CRITE...)
4 52.222.139.7 16509 (AMAZON-02)
2 99.81.48.56 16509 (AMAZON-02)
6 31 13.248.245.213 16509 (AMAZON-02)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 54.229.208.26 16509 (AMAZON-02)
2 3 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 185.15.245.81 24961 (MYLOC-AS ...)
1 3 52.48.185.171 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 54.154.110.236 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 54.154.162.251 16509 (AMAZON-02)
1 168.119.72.236 24940 (HETZNER-AS)
1 1 54.83.175.63 14618 (AMAZON-AES)
1 2.23.197.190 16625 (AKAMAI-AS)
2 2 52.48.19.12 16509 (AMAZON-02)
8 69.173.144.139 26667 (RUBICONPR...)
4 52.46.155.104 16509 (AMAZON-02)
2 7 104.18.25.185 13335 (CLOUDFLAR...)
2 27 34.247.233.198 16509 (AMAZON-02)
4 6 70.42.32.95 13789 (INTERNAP-...)
3 34.98.64.218 396982 (GOOGLE-CL...)
3 3 52.207.126.75 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
2 169.197.150.8 398989 (DEEPINTENT)
3 3 50.31.142.159 23352 (SERVERCEN...)
4 4 52.16.101.30 16509 (AMAZON-02)
4 185.86.138.153 201081 (SMARTADSE...)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2 202.241.208.55 4694 (IDCF IDC ...)
2 80.77.87.162 46636 (NATCOWEB)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2600:9000:231... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
3 4 185.29.134.244 30419 (MEDIAMATH...)
3 4 34.96.105.8 396982 (GOOGLE-CL...)
1 178.250.7.9 44788 (ASN-CRITE...)
1 3.122.33.96 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a02:2638:d::13 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
8 8 46.228.174.117 56396 (AMOBEE)
2 69.173.144.138 26667 (RUBICONPR...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 85.114.159.67 24961 (MYLOC-AS ...)
1 85.114.159.66 24961 (MYLOC-AS ...)
1 2600:1901:0:7... 15169 (GOOGLE)
1 217.79.188.11 24961 (MYLOC-AS ...)
1 185.64.190.89 62713 (AS-PUBMATIC)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 142.250.186.102 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
2 104.80.244.96 16625 (AKAMAI-AS)
8 217.79.188.4 24961 (MYLOC-AS ...)
1 1 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 3.124.181.128 16509 (AMAZON-02)
3 3.9.45.49 16509 (AMAZON-02)
2 52.222.139.78 16509 (AMAZON-02)
1 13.227.219.46 16509 (AMAZON-02)
1 217.79.188.12 24961 (MYLOC-AS ...)
2 198.47.127.20 3257 (GTT-BACKB...)
4 18.135.31.191 16509 (AMAZON-02)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 18.66.196.54 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 23.88.86.2 24940 (HETZNER-AS)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 15.235.15.221 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.19.138.119 16276 (OVH)
2 2 188.42.34.64 7979 (SERVERS-COM)
2 2600:9000:211... 16509 (AMAZON-02)
1 35.157.224.148 16509 (AMAZON-02)
1 216.52.2.6 32475 (SINGLEHOP...)
1 52.6.72.62 14618 (AMAZON-AES)
2 2 3.120.67.215 16509 (AMAZON-02)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
1 52.201.180.243 14618 (AMAZON-AES)
1 1 3.127.92.109 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
688 149
47    2606:4700:3031::ac43:8cd3 (United States)

ASN13335 (CLOUDFLARENET, US)
securityaffairs.com
14    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.239.94.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-69.ams1.r.cloudfront.net
platform-api.sharethis.com
10    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
media.vlitag.com
6    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
3    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:224a:c600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.66.201.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-201-159.eu-central-1.compute.amazonaws.com
l.sharethis.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
17    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
6    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
7    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
14    2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
6    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    108.156.64.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-64-218.ams1.r.cloudfront.net
aax.amazon-adsystem.com
31    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:1450:4001:23::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5edndk.googlevideo.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
10    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
6    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
17    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
11    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    52.71.238.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-238-40.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
10    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.167.175 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 175.167.214.35.bc.googleusercontent.com
csync.loopme.me
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    52.17.146.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-146-181.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
42    142.250.185.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
6    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.94.161.158 (France)

ASN16276 (OVH, FR)
PTR: bixel-1.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
2    34.241.170.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-170-80.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
15    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
7    54.157.243.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-243-229.compute-1.amazonaws.com
a.audrte.com
11    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
5    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
10    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
16    3.124.27.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl
ws.rqtrk.eu
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
triplelift-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
12    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1    23.213.161.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-138.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
4    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
2    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
12    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
3    52.4.169.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-169-33.compute-1.amazonaws.com
ssp.disqus.com
2    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    44.205.87.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-87-2.compute-1.amazonaws.com
cookies.nextmillmedia.com
6    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
17    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
18    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    52.222.139.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-7.ams50.r.cloudfront.net
tags.crwdcntrl.net
2    99.81.48.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-48-56.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
31    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f00:6418:3db0:a56e:6f03 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:ea7e:ead4:fe95:47ef (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    54.229.208.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-208-26.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
loada.exelator.com
1    151.1.205.165 (Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
3    52.48.185.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-185-171.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    54.154.110.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-110-236.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    54.154.162.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-162-251.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
1    54.83.175.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-175-63.compute-1.amazonaws.com
usermatch.krxd.net
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.48.19.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-19-12.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
27    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
6    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
3    52.207.126.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-126-75.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    50.31.142.159 (Plainfield, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    52.16.101.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-101-30.eu-west-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
4    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
28    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2600:9000:2315:5e00:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cti.w55c.net
1    2600:9000:2491:a000:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.w55c.net
1    154.58.197.185 (Philippines)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com
t.hspvst.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
1    3.122.33.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com
i.w55c.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
8    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    85.114.159.67 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dspcluster.adfarm1.adition.com
dspcluster.adfarm1.adition.com
1    85.114.159.66 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.active-agent.com
dsp.active-agent.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
1    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
1    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    142.250.186.102 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
2    104.80.244.96 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-244-96.deploy.static.akamaitechnologies.com
www.awin1.com
8    217.79.188.4 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dbt.adition.com
dbt.adition.com
1    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    3.124.181.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-128.eu-central-1.compute.amazonaws.com
www.restposten.de
3    3.9.45.49 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-45-49.eu-west-2.compute.amazonaws.com
track.webgains.com
2    52.222.139.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-78.ams50.r.cloudfront.net
analytics.webgains.io
1    13.227.219.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-46.ams54.r.cloudfront.net
cdn.track.production.webgains.team
1    217.79.188.12 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
is.dopascalls.1und1.de
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
4    18.135.31.191 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
api.webgains.io
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    18.66.196.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-196-54.mxp63.r.cloudfront.net
cm.smadex.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
c3.a-mo.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    2600:9000:211e:2200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    35.157.224.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-224-148.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    52.6.72.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-72-62.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    3.120.67.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-67-215.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    52.201.180.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-180-243.compute-1.amazonaws.com
rtb.adentifi.com
1    3.127.92.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-109.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2a05:d018:cc3:fe05:4270:c547:791f:3f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
Apex Domain
Subdomains		 Transfer
61 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
ad.doubleclick.net — Cisco Umbrella Rank: 187
271 KB
47 securityaffairs.com
securityaffairs.com
387 KB
45 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
ads.pubmatic.com — Cisco Umbrella Rank: 651
image6.pubmatic.com — Cisco Umbrella Rank: 989
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage2.pubmatic.com — Cisco Umbrella Rank: 982
st.pubmatic.com — Cisco Umbrella Rank: 1278
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
92 KB
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
309 KB
31 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
15 KB
31 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 29787
12 KB
29 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1791
usersync.gumgum.com — Cisco Umbrella Rank: 2073
10 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 30904
ad4m.at — Cisco Umbrella Rank: 10961
assets.ad4m.at — Cisco Umbrella Rank: 41546
1010 KB
28 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
eus.rubiconproject.com — Cisco Umbrella Rank: 737
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
token.rubiconproject.com — Cisco Umbrella Rank: 748
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2567
70 KB
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104
csm.eu.criteo.net — Cisco Umbrella Rank: 8684
264 KB
24 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1560
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
20 KB
23 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1731
mp.4dex.io — Cisco Umbrella Rank: 2922
u.4dex.io — Cisco Umbrella Rank: 4915
34 KB
21 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2684
s.e-planning.net — Cisco Umbrella Rank: 6738
u-ams03.e-planning.net — Cisco Umbrella Rank: 37506
i.e-planning.net — Cisco Umbrella Rank: 5827
sync.e-planning.net — Cisco Umbrella Rank: 5313
9 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
73 KB
18 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3551
mwzeom.zeotap.com — Cisco Umbrella Rank: 3473
6 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
12 KB
16 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
4 KB
14 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856
dspcluster.adfarm1.adition.com — Cisco Umbrella Rank: 64702
imagesrv.adition.com — Cisco Umbrella Rank: 16702
dbt.adition.com — Cisco Umbrella Rank: 204690
975 KB
14 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 18253
sync.quantumdex.io — Cisco Umbrella Rank: 3429
2 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1650
4 KB
13 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 745
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 2338
ads.eu.criteo.com — Cisco Umbrella Rank: 8578
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10115
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14424
70 KB
12 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 11571
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
6 KB
11 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3746
c1.adform.net — Cisco Umbrella Rank: 720
7 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
3 KB
10 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
2 KB
10 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17052
creativecdn.com — Cisco Umbrella Rank: 674
us.creativecdn.com — Cisco Umbrella Rank: 3421
2 KB
10 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 30417
assets.vlitag.com — Cisco Umbrella Rank: 45410
media.vlitag.com — Cisco Umbrella Rank: 62396
462 KB
9 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
39 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
4 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1121
c3.a-mo.net — Cisco Umbrella Rank: 13440
1 KB
8 wp.com
i0.wp.com — Cisco Umbrella Rank: 3926
stats.wp.com — Cisco Umbrella Rank: 2930
pixel.wp.com — Cisco Umbrella Rank: 2793
109 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3076
4 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 27613
api.webgains.io — Cisco Umbrella Rank: 58267
37 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
4 KB
6 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 928
2 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 990
us-u.openx.net — Cisco Umbrella Rank: 605
u.openx.net — Cisco Umbrella Rank: 935
941 B
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
2 KB
6 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
3 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2706
www.google.com — Cisco Umbrella Rank: 3
1 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
imasdk.googleapis.com — Cisco Umbrella Rank: 600
123 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
282 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 984
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
28 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
2 KB
5 gstatic.com
fonts.gstatic.com
123 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2445
591 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
3 KB
4 w55c.net
cti.w55c.net — Cisco Umbrella Rank: 4276
ads.w55c.net — Cisco Umbrella Rank: 12950
i.w55c.net — Cisco Umbrella Rank: 2610
pm.w55c.net — Cisco Umbrella Rank: 1136
68 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 802
match.360yield.com — Cisco Umbrella Rank: 2456
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
2 KB
4 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3539
cs.admanmedia.com — Cisco Umbrella Rank: 1168
418 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
pixel.sitescout.com — Cisco Umbrella Rank: 4020
748 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
2 KB
4 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24211
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26823
1 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18442
pixel.onaudience.com — Cisco Umbrella Rank: 3601
2 KB
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4950
buttons-config.sharethis.com — Cisco Umbrella Rank: 5616
l.sharethis.com — Cisco Umbrella Rank: 5169
93 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 43802
4 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
873 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
usermatch.krxd.net — Cisco Umbrella Rank: 1796
942 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9513
loada.exelator.com — Cisco Umbrella Rank: 29169
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1602
621 B
3 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
casale-match.dotomi.com — Cisco Umbrella Rank: 4136
triplelift-match.dotomi.com — Cisco Umbrella Rank: 4723
388 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
1 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
2 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
12 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
211 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1249
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 938
486 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1858
1 KB
2 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2564
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 bing.com
c.bing.com — Cisco Umbrella Rank: 279
975 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17983
1 KB
2 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 182121
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 139667
4 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1219
83 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1555
717 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 26293
428 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 240
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2165
133 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4053
406 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
801 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5227
562 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
2 KB
2 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1272
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 788
r5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 294712
975 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1612
181 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1495
35 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2626
368 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
277 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 673
35 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
406 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4957
465 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8584
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
308 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3396
613 B
1 1und1.de
is.dopascalls.1und1.de — Cisco Umbrella Rank: 260571
29 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 74227
15 KB
1 restposten.de
www.restposten.de — Cisco Umbrella Rank: 398571
1 adcell.com
t.adcell.com — Cisco Umbrella Rank: 56199
477 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 71835
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 66648
440 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 66499
263 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1969
425 B
1 active-agent.com
dsp.active-agent.com — Cisco Umbrella Rank: 59049
256 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
5 KB
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 184215
930 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 776
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2142
373 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1496
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
531 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20121
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 141087
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12212
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 722
203 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
555 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020
555 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3841
352 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 29168
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3672
641 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7279
276 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
369 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
554 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
283 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
225 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1928
434 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
610 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
54 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5345
408 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2291
1 KB
688 133
Domain Requested by
47 securityaffairs.com securityaffairs.com
42 cm.g.doubleclick.net 13 redirects spl.zeotap.com
rtb.gumgum.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
eb2.3lift.com
31 eb2.3lift.com 6 redirects ads.us.e-planning.net
securityaffairs.com
eb2.3lift.com
sync.quantumdex.io
31 px.vliplatform.com cdn.jsdelivr.net
27 usersync.gumgum.com 2 redirects rtb.gumgum.com
ads.pubmatic.com
17 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securityaffairs.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
16 x.bidswitch.net 8 redirects spl.zeotap.com
rtb.gumgum.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
eb2.3lift.com
ssum-sec.casalemedia.com
15 u.4dex.io ads.pubmatic.com
ads.us.e-planning.net
eb2.3lift.com
ssbsync.smartadserver.com
14 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
www.googletagservices.com
14 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
www.googletagservices.com
13 imageproxy.eu.criteo.net ads.eu.criteo.com
13 mwzeom.zeotap.com spl.zeotap.com
12 assets.ad4m.at as.ad4m.at
12 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
12 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
rtb.gumgum.com
securityaffairs.com
12 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
12 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
12 ib.adnxs.com 9 redirects spl.zeotap.com
eb2.3lift.com
11 simage2.pubmatic.com ads.pubmatic.com
10 match.adsrvr.org ads.pubmatic.com
spl.zeotap.com
ssum.casalemedia.com
rtb.gumgum.com
eb2.3lift.com
ssbsync.smartadserver.com
10 sync-tm.everesttech.net 9 redirects ads.pubmatic.com
10 ads.pubmatic.com securityaffairs.com
ads.pubmatic.com
ads.us.e-planning.net
rtb.gumgum.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
assets.vlitag.com
sync.quantumdex.io
10 aax.amazon-adsystem.com c.amazon-adsystem.com
9 c1.adform.net 8 redirects ads.pubmatic.com
9 image2.pubmatic.com ads.pubmatic.com
8 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ads.pubmatic.com
ssum-sec.casalemedia.com
8 dbt.adition.com imagesrv.adition.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at securityaffairs.com
as.ad4m.at
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
ad4m.at
8 match.prod.bidr.io 7 redirects ssum-sec.casalemedia.com
7 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
rtb.gumgum.com
sync.quantumdex.io
7 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 pr-bh.ybp.yahoo.com ads.pubmatic.com
rtb.gumgum.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
eb2.3lift.com
ssum-sec.casalemedia.com
7 a.audrte.com 5 redirects ads.pubmatic.com
ssbsync.smartadserver.com
7 prebid.a-mo.net assets.vlitag.com
6 sync.1rx.io 6 redirects
6 sync.outbrain.com 4 redirects rtb.gumgum.com
6 token.rubiconproject.com eus.rubiconproject.com
6 secure-assets.rubiconproject.com 6 redirects
6 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
6 sync.srv.stackadapt.com 4 redirects eb2.3lift.com
6 cms.quantserve.com 6 redirects
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
spl.zeotap.com
6 hbopenbid.pubmatic.com assets.vlitag.com
6 useast.quantumdex.io assets.vlitag.com
6 prebid-asia.creativecdn.com assets.vlitag.com
6 mp.4dex.io assets.vlitag.com
6 i0.wp.com securityaffairs.com
5 www.googletagservices.com securityaffairs.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
5 secure.adnxs.com 5 redirects
5 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
5 onetag-sys.com ads.us.e-planning.net
securityaffairs.com
sync.quantumdex.io
5 ups.analytics.yahoo.com ads.pubmatic.com
spl.zeotap.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
5 um.simpli.fi 4 redirects ads.pubmatic.com
5 dis.criteo.com 4 redirects ads.pubmatic.com
5 www.google.com tpc.googlesyndication.com
securityaffairs.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 services.vlitag.com securityaffairs.com
services.vlitag.com
5 fonts.googleapis.com securityaffairs.com
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
4 api.webgains.io analytics.webgains.io
4 tr.blismedia.com 3 redirects 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
4 sync.mathtag.com 3 redirects eb2.3lift.com
4 ssbsync.smartadserver.com rtb.gumgum.com
securityaffairs.com
4 s.amazon-adsystem.com ssum.casalemedia.com
eb2.3lift.com
ssum-sec.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
4 gum.criteo.com 1 redirects static.criteo.net
assets.vlitag.com
4 id5-sync.com cdn.id5-sync.com
assets.vlitag.com
sync.quantumdex.io
4 ad.turn.com 4 redirects
4 dsp.adfarm1.adition.com 3 redirects cdn.jsdelivr.net
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
spl.zeotap.com
4 assets.vlitag.com services.vlitag.com
securityaffairs.com
3 track.webgains.com as.ad4m.at
3 csm.eu.criteo.net ads.eu.criteo.com
3 creativecdn.com 3 redirects
3 ad.360yield.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
3 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
3 ssp.disqus.com 3 redirects
3 rtb.openx.net ads.us.e-planning.net
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
3 ads.us.e-planning.net 1 redirects securityaffairs.com
3 bh.contextweb.com 3 redirects
3 cdn.jsdelivr.net assets.vlitag.com
securepubads.g.doubleclick.net
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
3 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
2 rtb.mfadsrvr.com 2 redirects
2 s.ad.smaato.net sync.quantumdex.io
ssbsync.smartadserver.com
2 ads.betweendigital.com 2 redirects
2 id.a-mx.com 1 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 c.bing.com eb2.3lift.com
2 px.ads.linkedin.com eb2.3lift.com
2 simage4.pubmatic.com ads.pubmatic.com
2 analytics.webgains.io track.webgains.com
2 www.awin1.com as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 pixel-eu.rubiconproject.com eus.rubiconproject.com
2 sync.targeting.unrulymedia.com 2 redirects
2 cs.admanmedia.com rtb.gumgum.com
2 tg.socdm.com 2 redirects
2 sync.e-planning.net rtb.gumgum.com
2 match.deepintent.com rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 us-u.openx.net rtb.gumgum.com
2 dsum.casalemedia.com ssum.casalemedia.com
2 pixel.rubiconproject.com spl.zeotap.com
eus.rubiconproject.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com spl.zeotap.com
ssbsync.smartadserver.com
2 rtb.gumgum.com ads.us.e-planning.net
2 i.e-planning.net ads.us.e-planning.net
2 cookies.nextmillmedia.com 2 redirects
2 sync.go.sonobi.com ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 sync.admanmedia.com ads.us.e-planning.net
2 pixel.sitescout.com ads.us.e-planning.net
2 pixel-sync.sitescout.com ads.pubmatic.com
eb2.3lift.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 idsync.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 a.tribalfusion.com 1 redirects 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 p.rfihub.com 2 redirects
2 ssc-cms.33across.com securityaffairs.com
2 prg-apac.smartadserver.com assets.vlitag.com
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 platform-api.sharethis.com securityaffairs.com
1 d.adroll.com ssum-sec.casalemedia.com
1 pm.w55c.net 1 redirects
1 rtb.adentifi.com eb2.3lift.com
1 us.creativecdn.com 1 redirects
1 triplelift-match.dotomi.com eb2.3lift.com
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 ap.lijit.com sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 lb.eu-1-id5-sync.com assets.vlitag.com
1 c3.a-mo.net 1 redirects
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 cm.smadex.com 1 redirects
1 is.dopascalls.1und1.de
1 cdn.track.production.webgains.team as.ad4m.at
1 www.restposten.de as.ad4m.at
1 t.adcell.com 1 redirects
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 s.company-target.com 1 redirects
1 st.pubmatic.com 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 imagesrv.adition.com securityaffairs.com
1 prod-rtb.ad4mat.net 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 dsp.active-agent.com cdn.jsdelivr.net
1 dspcluster.adfarm1.adition.com cdn.jsdelivr.net
1 static-de.ad4mat.net as.ad4m.at
1 rtb.nl3.eu.criteo.com 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 match.360yield.com 1 redirects
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 u.openx.net
1 i.w55c.net 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 t.hspvst.com 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 ads.w55c.net 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 cti.w55c.net 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 ads.eu.criteo.com 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
1 casale-match.dotomi.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 mug.criteo.com
1 ads.stickyadstv.com 1 redirects
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 cadmus.script.ac script.4dex.io
1 r5---sn-4g5edndk.googlevideo.com
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 imasdk.googleapis.com services.vlitag.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 secure.gravatar.com securityaffairs.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.com
688 214
Subject Issuer Validity Valid
securityaffairs.com
GTS CA 1P5		 2023-06-22 -
2023-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
vlitag.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-25		 a year crt.sh
ads.w55c.net
Amazon RSA 2048 M02		 2023-07-19 -
2024-08-16		 a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.active-agent.com
AlphaSSL CA - SHA256 - G2		 2022-11-14 -
2023-12-16		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
is.dopascalls.1und1.de
R3		 2023-07-22 -
2023-10-20		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M01		 2023-07-23 -
2024-08-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh

This page contains 127 frames:

Primary Page: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Frame ID: F31D4053BDF184D3F5E41C6350191C54
Requests: 197 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html
Frame ID: 12DB867977052CC4AEDA27994362D032
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1692264243&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692271442528&bpp=401&bdt=131&idt=688&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7072651159571&frm=20&pv=2&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076876%2C31077148&oid=2&pvsid=538799672571642&tmod=592097280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=710
Frame ID: AD3177FBB494CA562E305DF86A65DB18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4556BFFDA87C25905F2393434E6ED84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 516E2A80BCAE22FDD9552F7644D9662D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 3A74832ECCDE67A7FD4BE251B2F66435
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 18010492757DDA596043926059694367
Requests: 20 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: A9595450B1E3A8E11796BB4884661504
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 912B7EEA776B23FD826D9B4512B47503
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 210B1AC853FCB8AA4473C0F378355FA6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A08ED3E38A42007C65993B3B616117E6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C
Frame ID: 2DCEB2380F8DC7EE68A3E22A6449E552
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7459351539056021238&gdpr=0&gdpr_consent=
Frame ID: FC000773D095D90CAB7F8CA12DB29BEA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Frame ID: 95BC2DA8D21D4F168EC20CB55D24F353
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268250507939412111&gdpr=0&gdpr_consent=
Frame ID: 7ADF42988B119F3013D2C25E1DD12B6D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN4DVAAJOvhoaAA_
Frame ID: 9B52016C648A7F3549A5C3D3298D90C1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 8DAB697931B8F81AEF9FB66C90771977
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420622270184
Frame ID: 8BA6D082C541A27B139CD4AFCF9FCA19
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF4KE7JvAcAACaud8B8Jg&gdpr=0&gdpr_consent=
Frame ID: 404002A82AC2BD0183F49F7DDBBD4565
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 80FC841B278E9BF8E48C00915A7F209D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU0f722e4dc98245b6a949c31708e64d29&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: FB9A7F2BF6F8749995BE0FF3942360C2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7963049915053187346
Frame ID: 85DE85F999F8E5924FB79C95FF03777E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E9489C105C36C27B65FE97AD37EA0B9A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: AC2336B3ED075E7A4269D18030C7FEC8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1f38ailjgtm0
Frame ID: FDEEBCA7719ADA59295C10B7DBC0FFA9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSjhYRSRjVQjWTTRV&gdpr=0&gdpr_consent=
Frame ID: EAA20FA215702A24570368D68C28AC2B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FE0FB1D43A35CFED8C94BB86D106D513
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 81F9BD7E8335176A9F74F6B21DA29C4D
Requests: 1 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 05EE1D0F38D6E7D62AA1FB591063A2A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: AF60A73B614F81DAFDD0DC4841551EA4
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=securityaffairs.com
Frame ID: 2FF7151D3F019349950CB4EDB02E7897
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 61B0B0D850260C9ABB11AA023C181DCD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df37e14df79e0be88%26uid%3D
Frame ID: 4A315652B0BF8088164063E4EA9694C3
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Frame ID: 6C2F5C9F0EE9E98EC23C8945E297F0DB
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 08DDB1DC2855A1458D5086BBDA377BEE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 1CE420615EABA17E98654532D908A144
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: BE7F87540135F0A4977FA8D9A4578850
Requests: 32 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Frame ID: D8F1131C380B1CEC2EA55BFF7F06A93D
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 0643AA96115629CF3016CC155CD54BD9
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=ALb-MpcF055A7u0A
Frame ID: B7E99A495E699E871BDB042A4F787222
Requests: 1 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C02F428C058C20B93E2D8C95CF538CA
Requests: 3 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5960B93519A40AB0F7BE2AA5BD5936F
Requests: 10 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADA530E80EA08E7622D4A08B70E8EE03
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
Frame ID: 0E3913A72EE6C18E6AF7122AE63CD8D8
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Frame ID: 8666B2A46124FD892D2AEBC8A1B9B301
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9545F5CABE3FB1C121CCD8D7B3A2235B
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
Frame ID: 05427ACC624C5CFE2D542E07D15FBD9A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTA2MzQ0OS02YzYzLTRiNmUtYjlkMC01MTFjOTc3MzJlNWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5861CA81B3C6917833FF08988B8EE1C9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: B35D44FC45396C05CADB0D2519A71648
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 0FA380326A6FFAC2DC377514F889E8AE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iymoAAAAA
Frame ID: FD435D6AF8176C5A78103B70B7516150
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 63762498D049F87DFC6146142E58F59B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Frame ID: 7B60B00680B8A794F5650E69CD7B5001
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA3F3937E4D60EBB7CF8962F9E3E95E4
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 9B42FC83C8535F7F389D539D6675B017
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum&tc=1
Frame ID: 581691B4AEE57665F19D0148796D8672
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EA67363DDD0051E9B10AE66F2140D714
Requests: 4 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB4F2081D28F7A31A66111C8929CEED9
Requests: 1 HTTP requests in this frame

Frame: https://services.vlitag.com/passback/?t=1692256733&d=24493&z=107673&divID=vi_24493107673_1&w=970&h=250&geo=CH&hn=securityaffairs.com
Frame ID: AD70A5C3113167AEEC88C8F5C3EDBEA5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 683E02DB6255117F100DE4AB948FACCE
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: AB431F46720BD2965127C29B56026237
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 610225C28227FB3602F44F71E9018481
Requests: 4 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A101794644D64812DACDA719589C16F
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8BC3FC4897672DCBA081213A7772DBA7
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
Frame ID: 8136585791BCDD6C9B4C016EF912A5DF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15F88B1D6A2ED88816515634E7A012B1
Requests: 9 HTTP requests in this frame

Frame: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5E3C6A43785D0EFA92B38A1244259A1
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A5A9BA906A9EA540E459F880F55B5C5F
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?userid=7268250507939412111&ssp=9&gdpr=0
Frame ID: 2B432EFD2D377688314AA5B9BB821167
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 9B10C590310282D6D978A7C64E3A2DE0
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 698460586C22AD9781CD77BD5AE3191C
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db31899ded8ce2225%26uid%3D
Frame ID: 58FA1430E96D8A961C7DB6B04E03FE49
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Frame ID: 1861DD200C4BB3861F21C1F8B1FA1945
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D13F05C703CD141EB7FAF7327765F3AC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 7DF757805C820699A539F60254BE856C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 9B8CA26DE23542CE721CEB440620E7D0
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Frame ID: D5CCA4542A4CFCCE681D16D6CECE062E
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: FF9B65D2F1AF8338AFD09F1C88910BA8
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=ALb-MpcF055A7u0A
Frame ID: 90B5681D19C496A7EF9F37721AE8EB8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FBE8E7B68F51E13793B9A5ECF5829EEF
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157940&siteId=824873&adId=3599896&imprId=89459DE5-1D61-45DD-A88D-EC887D4DD0C2&cksum=A2F7092B850552F8&adType=10&adServerId=243&kefact=0.519714&kaxefact=0.519714&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1692271444&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.402524&dcId=3&tldId=0&passback=0&svr=BIDAMS0192&adsver=_115843193&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=VAPeZGEtBwBewrcAm7OkyHOu7uMIIhYG9dmL72Rclzxn4Gc_&ekaxefact=VAPeZG8tBwC_22vk9lhjGTf1SPuvktYeK0OegEBA2NZ4DL3w&ekpbmtpfact=VAPeZHstBwAQFYtpsHmRl5gKCmAugZsbjF8jr1R6jnctDK2g&enpp=VAPeZIYtBwASrmsqo3ewevx3_kgIpkY7OtxQd-q1ApXNq9Ex&pfi=1&domId=8222502327166973060&dc=AMS&pubBuyId=20680&crID=18322084&lpu=mobile.1und1.de&ucrid=14797319907573267814&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3202&wDspId=1101&wbId=3&wrId=2610456&wAdvID=113000&wDspCampId=5357381&isRTB=1&rtbId=440B0255-3D0A-4E64-8511-79B8D1136F76&ver=11&dateHr=2023081711&oid=89459DE5-1D61-45DD-A88D-EC887D4DD0C2&cntryId=58&domain=securityaffairs.com&sec=1&pAuSt=2&wops=0&sURL=securityaffairs.com&BrID=5
Frame ID: D94188E7C5A9C8035BEA82ACD4960659
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Frame ID: DFD563CFC151C9EBD33AC4EB034965D3
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Frame ID: 46F7BD63BD513F300F8881F7A2B13B5B
Requests: 14 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
Frame ID: 8646A312E70D9661D53030863126D9EA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTA2MzQ0OS02YzYzLTRiNmUtYjlkMC01MTFjOTc3MzJlNWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9C2B586571EBBF6DE83DC2A4BEE7E660
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: C36D84E485C1543C36DC2EFF3ECC489A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 4250485F5585828A3EFFC24906F5DEBE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iyoYAAAAA
Frame ID: 7CC1CB94A044B55C41A45A772038C1DC
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 831E50174963F65C26A76EDB7280EED0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: C5F8403BD4FB8EB43DCD75F7D3D74EC8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum
Frame ID: 952554F6266F6A6AACD4E2A833009CAA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6D556A8C29DD6CC5DAE67AA53B9B9992
Requests: 3 HTTP requests in this frame

Frame: https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
Frame ID: E76940259457C2CAAAFF5F6B9C5EF1D1
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 5A9CFA7517FE31DE4113EE54805471C0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 857CEF680693694132D898ED8342D7AF
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: B96A441B355E3954BF15BAD35910B6C4
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 0C315335CC168E318B5E2CEF1CFD92D2
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A819AA7B932C2C671932EAA6C258DE66
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Frame ID: E9FA791BF0DDAC7C219F53C6CE9E24A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Frame ID: A982D29728D3CF6F87FB2B0C55FF28B4
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: FB836D4441C112E078423116F61C1AF6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB22D64B9FCB4F978BEE2013A9CA74BD&gdpr=0&gdpr_consent=
Frame ID: 5092FC5F675C594F7F0CC03B91F26DAD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1028135278
Frame ID: 1216E175F2F87BECE193496067502110
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 1DFAE48E2F16DBC5D05F77A5BFCBB753
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: AA45911C7E98A2A3AEC12343D3EEBAE2
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: B52B5BD2183170A00184DEFDB2FA3A93
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 6EBE9BAAACB401ACB86CAB61121DCF46
Requests: 8 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: C1A287B1416DBA2A0E001288A56974C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: BD6FD9DC0B56E901FF7CF07E5DDE107E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 497FFE8DD896D7B7969A80F6C5AE871D
Requests: 6 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 6B129C28AE10054482D04DD4A0D382F0
Requests: 6 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=f37e14df79e0be88&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 8977D21ADCDFE0AD2A1A8B1FD2F3F183
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 3E14E3ABC6FCE40F9483E480C3008FCD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3A4B2EE5A899BC2394936D7FD563FBF6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 474569B05AAF6D145DE0AACA20D5A789
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6AD86BA86ED87C0909F5E04877B25D5E
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: C0F8F33CA5295E81ECDB9E48C38FC62A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1357508643E6EFB9DF5E0B2F81B9A94C
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 15D1B38A39AD466DAC4F67772265F74F
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=f37e14df79e0be88&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 928C00664BF1750892FBB2F7BB72B486
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: FE98D4E770965C9C062C0691F7CE06D5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 74DCACAEFE69A6F27744FEB6CDD24F7E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 77AE4F473F21536D5337B4EE0AE65252
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=b31899ded8ce2225&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 1454945F85C8FB9A90D3AA8A9D90F698
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 2EEBBEB5CB973E793EC38182B9F2AB07
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=b31899ded8ce2225&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 468D62BA50824B8B7F55C8495CC372C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Frame ID: 00A37C0D39A3E42BD4555B324C0EE52C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Experts warn attackers started exploiting Citrix ShareFile RCE flawSecurity Affairs

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

688
Requests

82 %
HTTPS

29 %
IPv6

133
Domains

214
Subdomains

149
IPs

20
Countries

5303 kB
Transfer

10918 kB
Size

164
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 145
  • https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-5hne6nsy&ms=au%2Crdu&mv=u&mvi=1&pl=22&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&mt=1692269493&fvip=3&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgQtyWeKXuD-O_1Yl_MjAfPOxeZ2Hyntw0jlnmT8ZUvMwCIFWSqQ6kIoAV9TAf5Jr6qdlsdRArrbfz8BAMzyLwbQIP HTTP 302
  • https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:2b::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1692271028&mv=m&mvi=5&pl=46&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJe2Rxe8m8O4zNjS0zv0PROUxoQFZlCUo3cx1K2ekwF0AiAkLybsC98Py5gz8kvHnyqySvs716jc-wQiVqpASPP2VQ%3D%3D
Request Chain 160
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 161
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C
Request Chain 162
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7459351539056021238&gdpr=0&gdpr_consent=
Request Chain 163
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Request Chain 164
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268250507939412111&gdpr=0&gdpr_consent=
Request Chain 165
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN4DVAAJOvhoaAA_
Request Chain 166
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 167
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420622270184
Request Chain 168
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGNEtFN0p2QWNBQUNhdWQ4QjhKZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAF4KE7JvAcAACaud8B8Jg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAF4KE7JvAcAACaud8B8Jg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAF4KE7JvAcAACaud8B8Jg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3100904523491322904&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF4KE7JvAcAACaud8B8Jg&gdpr=0&gdpr_consent=
Request Chain 170
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU0f722e4dc98245b6a949c31708e64d29&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 171
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7963049915053187346
Request Chain 174
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1f38ailjgtm0
Request Chain 175
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8cb3989c5dc47795/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSjhYRSRjVQjWTTRV%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D0E2y59DCSjhYRSRjVQjWTTRV%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSjhYRSRjVQjWTTRV&gdpr=0&gdpr_consent=
Request Chain 176
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HprVdceJQ06053aEvu4C-w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 180
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2036628588 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Request Chain 181
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTY5TWFSUW5Ub2lSZzZMR3NyUmdQeFJiQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2407697930668253618&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUU5QUQ1NzUtQzc4OS00MzRFLUI0RTctNzY4NEJFRUUwMkZC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFzlbslW6-iakT24nbVefAg&google_cver=1
Request Chain 186
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2407697930668253618
Request Chain 189
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 190
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4138269106523966498&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 192
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:da1ce358-6341-4720-a91b-ae40fbe355cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 217
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=5cbe9d52294ae63a2431ab76bc435be4
Request Chain 218
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 229
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df37e14df79e0be88%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=f37e14df79e0be88&uid=7459351539056021238
Request Chain 230
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Df37e14df79e0be88%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=f37e14df79e0be88&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Request Chain 232
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Df37e14df79e0be88 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=f37e14df79e0be88
Request Chain 233
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 235
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Request Chain 240
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=securityaffairs.com&sn=ChromeSyncframe&so=0&topUrl=securityaffairs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OQMw8nwwazc4QjZyVmtEYnpJR1BSSDZuclVMM2FCcW1uclMzU2luUjNlUERZWTl2ZE9hekFZYTFtYzIySVN6bTNxSDk4clViM1E3TjJuN2ZkcnJZT041K3p3T2UxeE0vT2RtL052Mzg1cyt2WVlnbFg0RzR2dk9ibXN1Z0daZnlZcmhvQzlCRjB1VEpPamFCT1liV0FUSEY5NGJ2V3EyS056bUtEOVVFenNZVGtlczFRZnVpSkVTckxSdkJWVVFHS2ZaUWNXV2RXOUJLSWxjNkRHakhPOFdDWTNLaDY4ck04YVF5NkZISGt0cEswaVlCMzEvY29qUE1qRVVxdGNmSE1LT1BFR1VETkJnN21USGh5OHA0VmxWM05mT1dEaXNORitYNksrMTlzQUlzUmNXTT18&cppv=2
Request Chain 250
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=3d83cb6a-d276-42c4-b841-092c93920f3f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 257
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7a73c290-0aff-4260-6dee-d983676cfc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7a73c290-0aff-4260-6dee-d983676cfc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=62085116018922815660089771698506459570&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 259
  • https://bn01.er.bemail.it/zeotap.php?_bid=7a73c290-0aff-4260-6dee-d983676cfc18&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-66551-0.669205001692271444-e3d279e47b287347148831ac4a454c76&zdid=533&env=mWeb
Request Chain 260
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7268250507939412111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 261
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7a73c290-0aff-4260-6dee-d983676cfc18 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7a73c290-0aff-4260-6dee-d983676cfc18
Request Chain 262
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=yqYQXL0CA0b6r1x7GjP9Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 264
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7a73c290-0aff-4260-6dee-d983676cfc18?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 265
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Request Chain 266
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBxQy0upfjRoAG9yTihRSmPu%2BS41iYitP1U%3D
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4DVAAJOvhoaAA_&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 271
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 272
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361&dcc=t
Request Chain 274
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Request Chain 284
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4DVEwaCwBfIjOatYFQKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4DVAAJOvhoaAA_
Request Chain 287
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7459351539056021238
Request Chain 288
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481044
Request Chain 289
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692357844
Request Chain 295
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
Request Chain 296
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=FKKOXRKl3wwPpIwPEKLHXBSmjg0Ppd1cRqEdN--P
Request Chain 297
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&obuid=ENC(ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 299
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Request Chain 301
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
Request Chain 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 304
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 305
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
Request Chain 306
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=C76w5hsDfHFS&ev=1&pid=558355
Request Chain 318
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
Request Chain 322
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iymoAAAAA
Request Chain 332
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum&tc=1
Request Chain 333
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 346
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJAcSOkKtNo_FQ864BGY5Ro&google_cver=1&google_push=AXcoOmSIyuMx4S0tw24Z4W2x-9FDNDoTUfqx7jKvner5bg2b2xVchLjCXfArl5L2zBeZGn99gmZj1Am9J3TOGKlhOnEgsJfL6i0XtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSIyuMx4S0tw24Z4W2x-9FDNDoTUfqx7jKvner5bg2b2xVchLjCXfArl5L2zBeZGn99gmZj1Am9J3TOGKlhOnEgsJfL6i0XtQ
Request Chain 347
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQQkev1T4QfWQ-ZQnUQRUb7O_pw6Zjytr5-uT5sqqcKFLn78SvItUA3-KX8Jz5GHCTBPLpCP6dEpGZfaiEFZCbnkOy7O3P_ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQQkev1T4QfWQ-ZQnUQRUb7O_pw6Zjytr5-uT5sqqcKFLn78SvItUA3-KX8Jz5GHCTBPLpCP6dEpGZfaiEFZCbnkOy7O3P_ig
Request Chain 348
  • https://um.simpli.fi/gp_match?google_gid=CAESEFMOi6ZRly9ZN3hx20shZjI&google_cver=1&google_push=AXcoOmQuPeAm29VsTf2RLR6xZ29y-rOzoV4Fu64wEfY2bD9Yl0RmjiXnmqN26KJgl_WhBaNKz1L_WZ4mSpaVZioGNJOTYm0RW6K8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQuPeAm29VsTf2RLR6xZ29y-rOzoV4Fu64wEfY2bD9Yl0RmjiXnmqN26KJgl_WhBaNKz1L_WZ4mSpaVZioGNJOTYm0RW6K8
Request Chain 351
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_HjQVlo0e8f6wYtcm22Hg&google_cver=1&google_push=AXcoOmQVQ0ZOXZM1Eoy1Mep5DovTINqrXE9Fqh2aIQL7bVVjH7KsSHl13NPX4TXAWfltZVE5hFzo9WGJlusTEi52IB6MzjACPgdgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmQVQ0ZOXZM1Eoy1Mep5DovTINqrXE9Fqh2aIQL7bVVjH7KsSHl13NPX4TXAWfltZVE5hFzo9WGJlusTEi52IB6MzjACPgdgAA
Request Chain 352
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSA98R38aUDFlxNGpc9Iedtxwn9uyv66BeuVJFQqqfRTbwfocjm93RqLE-ZkSSd1VPWX6szOfian-yut7Ms2KdTJoVOyYJKKA&google_gid=CAESEPGGa7ikOFpf8dq917BWueY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-KuNIiWVUijCBLPOBHfHPjC6stbhfOXQDq5-NMg&google_push=AXcoOmSA98R38aUDFlxNGpc9Iedtxwn9uyv66BeuVJFQqqfRTbwfocjm93RqLE-ZkSSd1VPWX6szOfian-yut7Ms2KdTJoVOyYJKKA
Request Chain 355
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUWpb5IrFdpo56A_cdvk4A&google_cver=1&google_push=AXcoOmSWYRKZkWXm5h87EKBoAxY77UEzIBhvlLXkAmaj7m_jqvx_3AgU0pdGnDVnbRQ3BknctbTDFzrvE4essLRdpokMnHME9xo HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWYRKZkWXm5h87EKBoAxY77UEzIBhvlLXkAmaj7m_jqvx_3AgU0pdGnDVnbRQ3BknctbTDFzrvE4essLRdpokMnHME9xo&google_hm=E9karhdj3k1Yx4dMZWs2qw
Request Chain 356
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJAcSOkKtNo_FQ864BGY5Ro&google_cver=1&google_push=AXcoOmQjB5GxsSSNwGjv_A50RueVhR4COkhDOnimUx_JhZBTKh86s0RuqrDybLz01jXwUYgx7nCoGph7W7tHOIvlepZR7pbPRgI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmQjB5GxsSSNwGjv_A50RueVhR4COkhDOnimUx_JhZBTKh86s0RuqrDybLz01jXwUYgx7nCoGph7W7tHOIvlepZR7pbPRgI
Request Chain 358
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmRxZt862a-8YDUAyvrg6Cfy1MYpdvS0wcLK3jQQ8quP1NLNpz_uWM-GAulzMCrXyqsxT7mIYyuxPxtRasPoe-owHdWb67I HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxZt862a-8YDUAyvrg6Cfy1MYpdvS0wcLK3jQQ8quP1NLNpz_uWM-GAulzMCrXyqsxT7mIYyuxPxtRasPoe-owHdWb67I&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
Request Chain 360
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOwLYX5aI3LKquDBNipKoOs&google_cver=1&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA&google_gid=CAESEOwLYX5aI3LKquDBNipKoOs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA
Request Chain 374
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Request Chain 375
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Request Chain 401
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQs0jMj2j7lvpuQe1tEGKghxeGVQxIxGON-438ADpk_VSIfZw2DRGlRF0G2YOJoAG9FLkBYqwD2es8NJO3Xj5iUAutKhB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQs0jMj2j7lvpuQe1tEGKghxeGVQxIxGON-438ADpk_VSIfZw2DRGlRF0G2YOJoAG9FLkBYqwD2es8NJO3Xj5iUAutKhB8
Request Chain 402
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmQi1MUkkwSFrGGIwUxbyMF19ok-rIEFVyPLYLEs9Jw0WA1MyvoEOdvyyKOSvZkSYMF2aaFpS8EvojoHPLf00PYMli9MAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQi1MUkkwSFrGGIwUxbyMF19ok-rIEFVyPLYLEs9Jw0WA1MyvoEOdvyyKOSvZkSYMF2aaFpS8EvojoHPLf00PYMli9MAA&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
Request Chain 405
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1&google_push=AXcoOmTV1h4fwarmj_DqFvHIsCpG-xHejqHqB9qplwXZiFnSUZtEn_d3B77AR_DlTWv5iS3fPXRPxi81wyAELY3uQIqUFNx_Dg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&google_nid=index&google_push=AXcoOmTV1h4fwarmj_DqFvHIsCpG-xHejqHqB9qplwXZiFnSUZtEn_d3B77AR_DlTWv5iS3fPXRPxi81wyAELY3uQIqUFNx_Dg
Request Chain 406
  • https://match.360yield.com/match/ebda?google_gid=CAESEMLDWCteNeBAuhNMVNDCWiw&google_cver=1&google_push=AXcoOmRv21lKkmWiEKzSdGoHI94Ynsv7mdTB83WBs3kl80rH_mV7O713zeFZMe5AA5zMt7O8fQ5E5cP5BcjN8VPBiNw-jUax31A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_rnNXMHsQf6Wu6V9Xd7WbQ&google_push=AXcoOmRv21lKkmWiEKzSdGoHI94Ynsv7mdTB83WBs3kl80rH_mV7O713zeFZMe5AA5zMt7O8fQ5E5cP5BcjN8VPBiNw-jUax31A
Request Chain 407
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH_w_KB545xuTqABhYCvKSA&google_cver=1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1692271445170 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g%26google_hm%3DAxn3jUylAkJgvf36c4Jpz90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g&google_hm=Axn3jUylAkJgvf36c4Jpz90
Request Chain 427
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUWpb5IrFdpo56A_cdvk4A&google_cver=1&google_push=AXcoOmTNXnk65YbW2S6gLarf3xtGr5qKYXNoDMFXU3_9xvxFo32pMOmuIELNbJtCNH9cD7ylwo7dWpdAo2f0No2JT_v1s0gxNWiW HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTNXnk65YbW2S6gLarf3xtGr5qKYXNoDMFXU3_9xvxFo32pMOmuIELNbJtCNH9cD7ylwo7dWpdAo2f0No2JT_v1s0gxNWiW&google_hm=E9karhdj3k1Yx4dMZWs2qw
Request Chain 428
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJAcSOkKtNo_FQ864BGY5Ro&google_cver=1&google_push=AXcoOmTACFQDirHxhubbAFMQRW3k4DDcZFYGNNkJ50h2EsfoADihbNt7Dd0jhXjIzPgJplVS5ioWs6kvqC1PXveGS-1qlcPSeznZ7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmTACFQDirHxhubbAFMQRW3k4DDcZFYGNNkJ50h2EsfoADihbNt7Dd0jhXjIzPgJplVS5ioWs6kvqC1PXveGS-1qlcPSeznZ7A
Request Chain 429
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmS1E3x6-xmfTFoEqX4h8SpRfNKsJNfvbn_KIWcxAqhwO5N7oUkweZkHidIt19I89WoFqenBsf8CJ1n8wfyxZFDR7jTC3BF3zA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmS1E3x6-xmfTFoEqX4h8SpRfNKsJNfvbn_KIWcxAqhwO5N7oUkweZkHidIt19I89WoFqenBsf8CJ1n8wfyxZFDR7jTC3BF3zA
Request Chain 430
  • https://um.simpli.fi/gp_match?google_gid=CAESEFMOi6ZRly9ZN3hx20shZjI&google_cver=1&google_push=AXcoOmQu7soWskJr8obkxOEv0niW4h3eOjOLNLNGN3DsYizLcuxsid4jCOr6JH97_hywjSUNSoGJiUzUpQ0mcUqB7X13GZPuZnPjqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQu7soWskJr8obkxOEv0niW4h3eOjOLNLNGN3DsYizLcuxsid4jCOr6JH97_hywjSUNSoGJiUzUpQ0mcUqB7X13GZPuZnPjqQ
Request Chain 431
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmRj4A1sC-ZjyblyAbI7r8dYAFtSOfllQm_4H0TLFLzpFXJiMBWPQf-gLRAce3d-RkCpfztYuIjAV-Z5ov45HjpKxxXQkumZSg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRj4A1sC-ZjyblyAbI7r8dYAFtSOfllQm_4H0TLFLzpFXJiMBWPQf-gLRAce3d-RkCpfztYuIjAV-Z5ov45HjpKxxXQkumZSg&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
Request Chain 433
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_HjQVlo0e8f6wYtcm22Hg&google_cver=1&google_push=AXcoOmTIULQH4nFJl9R1TJQYF0DkAbCLc66Ey-DLq-wct9NZuq1qpL2jigebZXPF9pNWYds-UkItD24bxTy9x26qRUNUmwOyHuTRpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmTIULQH4nFJl9R1TJQYF0DkAbCLc66Ey-DLq-wct9NZuq1qpL2jigebZXPF9pNWYds-UkItD24bxTy9x26qRUNUmwOyHuTRpg
Request Chain 453
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=7459351539056021238
Request Chain 462
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db31899ded8ce2225%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b31899ded8ce2225&uid=7459351539056021238
Request Chain 463
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Db31899ded8ce2225%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=b31899ded8ce2225&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Request Chain 465
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Db31899ded8ce2225 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=csuid_f51f4502-7d6c-4c4c-82de-6e2f73249c65&dc=b337141cfdc8cf59&fi=b31899ded8ce2225
Request Chain 466
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 479
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4DVEwaCwBfIjOatYFQKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
Request Chain 483
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708169045&external_user_id=5ff12970-bf75-43a4-b869-26c3bdd16b9f
Request Chain 484
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420622270184
Request Chain 485
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481045
Request Chain 486
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4138269106523966498
Request Chain 490
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
Request Chain 491
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dgumgum2%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=gumgum2&user_id=k-56R0vGVUijCBLPOBHfHPjC6stbg3ccIQ_IkYnA&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=&gdpr_consent=&us_privacy=
Request Chain 492
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&obuid=ENC(ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 494
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Request Chain 496
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
Request Chain 497
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 499
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 500
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
Request Chain 501
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=74xGRpaD9bOf&ev=1&pid=558355
Request Chain 504
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3Dbf3fedf8-f5dc-4504-70da-ee67f6044a73%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361
Request Chain 509
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
Request Chain 513
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iyoYAAAAA
Request Chain 516
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum
Request Chain 517
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 523
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKzDgrPK44ADFZ-R_QcdAywGRg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
Request Chain 534
  • https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Request Chain 558
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1863437367 HTTP 302
  • https://sync.1rx.io/usersync/turn/4138269106523966498?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003
Request Chain 572
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 573
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 574
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
Request Chain 576
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=46094411890339888485&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=1ab11767-d619-4fc8-bdc0-9c39973188cb HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=feae710e-9c96-4cfd-b55b-27144b5b049e&expires=10&ssp=triplelift&bsw_param=1ab11767-d619-4fc8-bdc0-9c39973188cb
Request Chain 579
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
Request Chain 580
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 583
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 584
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 585
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
Request Chain 587
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=46094411890339888485&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2407697930668253618&ssp=triplelift
Request Chain 590
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
Request Chain 591
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 593
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
Request Chain 598
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=74028443-b1bd-4f33-8a88-39ffc4005428&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 599
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4138269106523966498&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 600
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Request Chain 601
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
Request Chain 609
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Request Chain 611
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB22D64B9FCB4F978BEE2013A9CA74BD&gdpr=0&gdpr_consent=
Request Chain 612
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1028135278
Request Chain 615
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1E9AD575-C789-434E-B4E7-7684BEEE02FB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1E9AD575-C789-434E-B4E7-7684BEEE02FB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 616
  • https://pixel.onaudience.com/?partner=214&mapped=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0cb3dfacc520d43874a3aec2404f3ff3&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=8cb3989c5dc47795
Request Chain 617
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7459351539056021238
Request Chain 622
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html&tl=https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html&nf=0&rt=true&v=7.48.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP 302
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D HTTP 302
  • https://id.a-mx.com/set?uid=55b86fc0-9f55-4785-9dd9-e556c0ed0d7f&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
Request Chain 633
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=8833447933837358415 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=d63a404b-fbf1-52e5-8367-819ee7b982c9
Request Chain 638
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Request Chain 639
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7459351539056021238
Request Chain 644
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 646
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=gB6QIIYZwXGbGJJyhB7ZIYAakHCbGcMh0h3SperO
Request Chain 648
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAF4KE7JvAcAACaud8B8Jg&dongle=bzwx&gdpr=0
Request Chain 650
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4DVAAJOvhoaAA_&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 651
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=5a977333-d359-4c83-bf80-cff0723e72a2&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 652
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=CB22D64B9FCB4F978BEE2013A9CA74BD&dongle=yf3
Request Chain 653
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=mZ3nyFB0GpZRlmsuO8Rx&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 655
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=3xTNITwA1QwB6J5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 659
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407697930668253618&gdpr=0&gdpr_consent=
Request Chain 660
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268250507939412111&gdpr=0&gdpr_consent=
Request Chain 662
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7459351539056021238
Request Chain 668
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=2-3yAd3qo1DA6_BT3-27ANvp8lHA6qEAie5MHKqn
Request Chain 672
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAF4KE7JvAcAACaud8B8Jg&partnerid=127&gdpr=0
Request Chain 673
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7459351539056021238&gdpr=0&gdpr_consent=
Request Chain 674
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=969MaRQnToiRg6LGsrRgPxRbA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=3100904523491322904&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p

688 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request citrix-sharefile-cve-2023-24489-flaws-attacks.html
securityaffairs.com/148981/hacking/ 		97 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd98b33b740f56107f4f82232381aa47299017e5d406441d7a1ada02c50da9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
7f818c625a2a3807-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 11:24:02 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/148981>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=148981>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6xCpFWp3olEjbRDbP0rsC1fDJUQTtE8qRnyRV45JhXJ7KKQoaDZhfkgPA1essnjuOT18CeQoUqBEIQRKHeas2lNglzIAXkLiBKMwMhtvMMCdm6ztzesBBIVcxLUl6TuHc8cPVQEqXvJ0yf9YgOmRPER"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://securityaffairs.com/xmlrpc.php
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428088df3e711d793bf71c25e738adb7e210f43014809bb311f2e1fa182bc6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50704
x-xss-protection
0
server
cafe
etag
8972968633998500320
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:02 GMT
style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132394
cf-polished
origSize=112251
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-1b67b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEx1dxuQNDJbZN33GCv%2FObvG5ykgiFbBISn3C%2FrpAr0CI6tWGY9Eie8byQnW%2FnB9eyuHoLHa8YQkBPlrO5DJybLB44%2FGZ4Z8veZW1ozGc%2BbfELhasGTh8jQ3aX8Y5evKZHJStl4byDXh4D5t6RV%2FQ6Zu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b163807-FRA
expires
Tue, 22 Aug 2023 22:37:28 GMT
view.css
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 		602 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129243
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:54 GMT
server
cloudflare
etag
W/"64d2c3c2-25a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTYtHmq7oNaYMBstYB6vwgBKzYTfq%2BvwuGLm6lrRqLlHYDY7AmkXrI1DIC8yf6OL9jgxhEL42ADWdcrZZ5tyMZfgH663eKMZUd1hiipJoP6bca%2F90Br%2BKoDhzKgkqznbb4bNJH4gS0Bist2DTlU5EO9d"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b1a3807-FRA
expires
Tue, 22 Aug 2023 23:29:59 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
95886
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2qM%2BuKJEqoEr5szj%2FnrK8k1eJnzGjSctt%2Ft3KETmmMNxjA%2F7dkDfbHnbrtFCUcmYQar4bn2sH49xGnLwsJsRwjEz%2FmVKQD29i3BUD02SSG4i2Ra3q%2BzPuSNpthdAdVAvwFudV0hRBdrYyTxbBeX84II"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b1c3807-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 23 Aug 2023 08:45:56 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132394
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8H1E5X3b7rUl2ZlFpril1r91DW67h3SedpTL%2FdmYdx4p44Uq0fZqohLT9rRS0nlc8%2FgOhdPBfwXQPLWMnQ31htZVDQR5%2FizrLzgboB3roi7fprXhWW6g4MDzGuww76ZxlKBNdrfnroA%2Btkh8fMdIvWK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b1d3807-FRA
expires
Tue, 22 Aug 2023 22:37:28 GMT
styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132237
cf-polished
origSize=2859
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:50 GMT
server
cloudflare
etag
W/"64d2c3be-b2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJnJ4fbjP%2BVKANZlgVsGz52jl9gx%2B3I4MlW0wgBSnbPeP8I%2BlH954w46krtnOSzRgWLQ7s%2FhuI09dFDXCjAG9y%2FWShgo8xmmkKZz7eH9d1YwAmMeRmqxxwskrNeexN60qwzy%2BwokiP3HTNK4NzHaZDWD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b1e3807-FRA
expires
Tue, 22 Aug 2023 22:40:05 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45990
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 22:27:15 GMT
server
cloudflare
etag
W/"64a5ee43-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiwdfyHneb8WM4brI2C5OUST9LCYqUdFDdrCyZ15ixy5PStel5uuWGrQg2HMyWF1eltu4zTHKGVEJi%2BcdqPP8BzhBNJk3aMtm%2FGyl1UJvpmzOzL%2BpU%2BhB9O2U7BqWReE0hev%2BGM1hCL%2BPVgl8F3rnl6X"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b1f3807-FRA
expires
Wed, 23 Aug 2023 22:37:32 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45990
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 22:27:15 GMT
server
cloudflare
etag
W/"64a5ee43-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NVO70QmM2bEuXbbl%2FXG1aOZMGmsfXJoalHMNxJWjyht6szLgP3ObNQCeGq9Gsyd0vkzrUZvXF5Z%2FmY%2BvgZMhFKFLmaPtu4UBSoIbcGg%2BmJOZJ6%2BFkokgdZPuaS3rBpc1JrHxWEMtoaH13yDKoQkpf54"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b203807-FRA
expires
Wed, 23 Aug 2023 22:37:32 GMT
mu-style.css
securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/ 		0
413 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1690839156
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222364
cf-polished
origSize=26
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 21:32:36 GMT
server
cloudflare
etag
"64c82874-1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDmmBS%2F6DzBv9IZa1dURz1pnUAz52l3ub4Kn%2BzWhbjR5dPKurbw1nkD9SUVVQHQSTBqBw7u814ibTFfWl5jO8shqNcEp82u00nCCde4EVVBRnjh3s5dOrXVkFC5NW6VMOhs7rZjMj6y0uBDPZNZgD%2Brh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7f818c630b223807-FRA
expires
Mon, 21 Aug 2023 21:37:58 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 		2 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215722
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 17 Jul 2023 23:19:46 GMT
server
cloudflare
etag
W/"64b5cc92-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL04NwbaFfbOpTrXOBw6mEFkxA8iyT0fiMncb2EK5IASTLQ7Tr1W1Ory4Tx5XRWxol63qyNpIS0gxXvEzq7ly1GYXR3JIz%2Fo4%2FCLHe7B45PRPwAhmGplCzyPI1vHZG6T62Iy7%2FfliBBetNXzwY8%2BbRQi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b243807-FRA
expires
Mon, 21 Aug 2023 23:28:40 GMT
custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99356
cf-polished
origSize=19858
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
cloudflare
etag
W/"56716d33-4d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDxwUOlUtAoDHsE51%2F821OVkQJdyRcItguMIQc1N2GEN6ueZfWRppxH5%2BSf5nPPwLRSfgGcKSrjjR%2FMTmhX2SqHB%2BdWPudbWs%2F%2F26rVP8C%2FAci6tnWem6JoS7eWubqx8n0vxMPly0UjBUTO9gSzIEyEA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c630b263807-FRA
expires
Wed, 23 Aug 2023 07:48:06 GMT
tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		461 B
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
544438
cf-polished
origSize=539
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
cloudflare
etag
W/"56710b7c-21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFfkzF1%2FU9QBt%2BePho10HVCmYvHqak9HGCehBVDd%2BVzdC8L7ieyjy37JOpJxrD6sa88qxvUq%2Bu2HyigabMAGRUKt%2BKas8w1FxTrAC56CQTO1eNubCQzcSjWF3vrpuB1W1rU64KqdjLnXxQaVr91uxZdR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b303807-FRA
expires
Fri, 18 Aug 2023 04:10:04 GMT
flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97106
cf-polished
origSize=6225
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
cloudflare
etag
W/"56716d3d-1851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clfruB1tlDIQMgi4pDT2p%2BgMmWT57J%2BiAyb1YMWCcfkTB%2FR%2FdnyNMZurZxNAX0jy5ifF1iyjihoBFg4ktG51X0T%2BGj61QQZYVCPCrdzOzR8OmK5SvdnkxZ932n%2FlftTA38JL%2BKHfp8Q%2F9ggWfKF7Bw0Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b313807-FRA
expires
Wed, 23 Aug 2023 08:25:36 GMT
animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		1 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595753
cf-polished
origSize=1716
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
cloudflare
etag
W/"56710b7a-6b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZQFGm0QhA%2F15rsiBZlRq1i62I8%2FRdlPOSIpIon7wVqcDaJf7L4E5kCh701jLdfsZkrmGQ5ylIvM8eAfcAsqZRSFq1bW9XXqaEKtpdNd465HHnMcauq32rJdIOYhpjgHjg0YW%2FtpVkGJD9LY0FoNSEhB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b323807-FRA
expires
Thu, 17 Aug 2023 13:54:49 GMT
font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
593759
etag
W/"56710b7a-4574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG6cSbt1bOM8QdnbW0a82P312TyEJI14aD3GaNnte0fQW8jSo9m%2FSFbcHf%2B70Ea1AUEeT6vvGO5xdbC%2FRr0wzak4ScpR9D8MuIK11KYxu6sIK7P57UyCTxA4NF37HZSFblJdRwVwj982XOO0ZBTRHlai"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b333807-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Aug 2023 14:28:03 GMT
swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97994
cf-polished
origSize=4493
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
cloudflare
etag
W/"56710b8a-118d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kvodHeJJCzxLNwCgDn6bDPaSmhStLQQ1XLZY9FNT4pFT8SaEiTcgp%2B4hcas%2BGEcUv94bIEwwKsnGYQIN3L4%2FGs7aqLgRmxi9hSQaxQDXT2QWS1A5b5E%2B%2FzyGeyLdqX%2BEWBJUtLM8aqEdP79bp92fD7T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b353807-FRA
expires
Wed, 23 Aug 2023 08:10:48 GMT
jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		264 B
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
100336
cf-polished
origSize=334
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
cloudflare
etag
W/"56710b7a-14e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpP5m0iqrbb2UAPQlE5xn%2BW2JeOO%2FX392WLF2TKTQ%2BfaFJkgo%2F2VD6WvVenAKmiUbk5WRkM%2BhW%2BGtFA5%2BZ8eRmZnO7tfmBclxCTElNbGjIVJz3Vpj%2FiWmQjBJM2Y%2BsDC6mITrNNx5BP7157MoIKcgILw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b373807-FRA
expires
Wed, 23 Aug 2023 07:31:46 GMT
screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		95 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
544438
cf-polished
origSize=112708
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
cloudflare
etag
W/"56710b7c-1b844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISGo%2BZwzioRf3YTXqzSCdHcmz7fr%2FXMfKNxTykhEZFsEHHny5SLAZXTpYVljLt8%2Fg68JVbteOsXta9N69rb6u9Q%2BTEZT9XLIv8INIFhFswIos5iG1u1SjMFCjzKAKIG8HBvqNkuh4s8TWAxP8UKR83sD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b3a3807-FRA
expires
Fri, 18 Aug 2023 04:10:04 GMT
custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba7c2311986ffb857dac36c0269f59bd9eb78fbf7435f2a2ebe5ba3af6fb9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB%2BM8ANwTNLifc9P6vParqGltfOLmHVyMZc1xGUJBebOkFQKDBn%2BSMGCTRZ2MfRiUvGERELGnCw6OTFF9Kb3uHwDDlCXAKHF%2BlAPaScLNfRoGMABig%2BYFOku97TjwyCvBLlnzHSfxNTbu%2FgM5%2FDfsphK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset: UTF-8;charset=UTF-8
cf-ray
7f818c631b3b3807-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:24:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:24:02 GMT
css
fonts.googleapis.com/ 		3 KB
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 10:49:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:24:02 GMT
css
fonts.googleapis.com/ 		4 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:17:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:24:02 GMT
css
fonts.googleapis.com/ 		4 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:24:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:24:02 GMT
grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132394
cf-polished
origSize=50674
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
cloudflare
etag
W/"56710b7b-c5f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5KcF7lLSLhbgQnCTDrAbds3f0njzTzeXU0IXz871d%2F%2BPGS6zPnl%2BuJ4zF4Oz6DJ3cp0Br3%2FOo7vBvl8tbUJdkbLqLutkG9MSiScEiQmM4viX9k%2BI6XiBgddryNeLKwjXDyvxmMm6l%2FXwfT8XHv6BLZg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b3c3807-FRA
expires
Tue, 22 Aug 2023 22:37:28 GMT
sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=12.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99734dcfce77b3d9c7555659b0e92798bee3e15a5f244da8c97287bad050d7cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132237
cf-polished
origSize=19508
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:54 GMT
server
cloudflare
etag
W/"64d2c3c2-4c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjVjDZHUk58Jz0HkmqezU0KgxAbQnWAwsKAFzA5C1pgA%2FCUfI7n4thcCK1lfyqmdpS3rS9Hd3KOWNfm28iedZb4dwKObqAvTgqcH5izzPuNXEiYgBBQ5hNnmbJK%2FcBIiEapbZ6OURS%2BaGPSzw3suLlQx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b3f3807-FRA
expires
Tue, 22 Aug 2023 22:40:05 GMT
social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=12.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
935309674176a5794193c0841af92c9d2f196d4cce2c6875f4303d6c5866abf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132237
cf-polished
origSize=13047
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:53 GMT
server
cloudflare
etag
W/"64d2c3c1-32f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srPyxE90%2BFULL04R2AmXVXRfHj1dsS2rvupCXzZYCxYiyEq8MJsglATP8RARMxEZQFKgxUo%2FbrDwrzKRvrWjNWit2er2ZFgz%2FL44SX6meMMYvrEJ8rzHT9R4kq%2BwZ31GJmEhch3WDXR5nPrQr8JSDFZx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f818c631b413807-FRA
expires
Tue, 22 Aug 2023 22:40:05 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/ 		138 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132394
cf-polished
origSize=285016
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-45958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOvTmxeJUeL%2B7AQPM7wUvop%2BMAJCxACA6NDOiSYRUD%2B9q3WRbmfrDUKm%2F2nOXdGLT%2FtwJAikud41UDNC5ueSx7SSdoVbNlH%2Fs7W02qscqHUBX%2FNrx97nUcBvpEWz%2F%2B1PCbiwW8gffipHSB7NYl6Lqo%2BN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c631b433807-FRA
expires
Tue, 22 Aug 2023 22:37:28 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132394
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97iJSh3fVsCUyRpL%2FauFkvU3XMtNxwmOnf08HgU0RxhMPvteYD4wNyGAfVcjMSPHXYJeusIDvP9fZSFZGsCD191mylaoR9lRZVZe04kBQI0uwFRIqKrGcBBKtzjkuafNIovpHm4RzxrAEX8LSoSpOPBV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c631b463807-FRA
expires
Tue, 22 Aug 2023 22:37:28 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46175
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 22:27:15 GMT
server
cloudflare
etag
W/"64a5ee43-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJsN%2FfFRg2%2F6W84ze8xSi98NEjQY6ODZI358564RHPF6o%2FBZlRNAJYckst%2BY02VTx4xPDPGAN7aFM8j0K2NZ5ddoH8Wdns7VO0eF5TCoKZMSSEHWbMLSG4Pk83o6w0dqGLhXE4FVVLZPvrZ9vkOsv9S9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c631b473807-FRA
expires
Wed, 23 Aug 2023 22:34:27 GMT
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-69.ams1.r.cloudfront.net
Software
/
Resource Hash
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:23:26 GMT
content-encoding
gzip
via
1.1 c00e79984dfec6a6601fb861a1d8d5e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
36
etag
W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
h2OWQiBMq1A_u-mCyQIuYtDVvy9KmPUzwR5LZXgRzQJD19GJhMSJkQ==
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-69.ams1.r.cloudfront.net
Software
/
Resource Hash
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:17:56 GMT
content-encoding
gzip
via
1.1 c00e79984dfec6a6601fb861a1d8d5e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
369
etag
W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
hx-WIlGN4Ng4nZsMHF8ubNGkhjyHQ3OSg-scZdbBNs1mtpYCCjhqfg==
/
services.vlitag.com/adv1/ 		575 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d060d8420c1c7cf908cb32ac0bf231e12a5bd26027bf2ce8bb2a0dde8192cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
cf-polished
origSize=589289
etag
W/"221a5a398da89ace8729d1cd3c481ec7 2023-08-16T06:20:32 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c669a78371d-FRA
alt-svc
h3=":443"; ma=86400
image-45.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/image-45.png?resize=1024%2C738&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c9f7b3cab2e1ad7ca00d3037abe468d8e3bb8fc008eaa083405a8cc90a8ddab9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 17 Aug 2023 11:24:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 08:11:40 GMT
server
nginx
etag
"f87413a50d4cecea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/07/image-45.png>; rel="canonical"
content-length
34188
expires
Wed, 30 Jul 2025 20:11:40 GMT
Clorox-Companyu.png
securityaffairs.com/wp-content/uploads/2023/08/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/Clorox-Companyu.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbac956ac0824fccac32081f23ce182a6b707159b24b35340dfcb43ff9db5e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15355
alt-svc
h3=":443"; ma=86400
content-length
48971
last-modified
Wed, 16 Aug 2023 23:28:32 GMT
server
cloudflare
etag
"64dd5ba0-bf4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRX%2B5V4lBEun5YCY%2BFlHIpNqt1lYhZG4kZtOMRevVW0tO3Fpypn3qNMYQQIYtCkTs%2BWFt%2BGQ7dWYtLNPqCQ%2F5kJL8iIZUAZbsQf3R2Jxf7Q%2FgW2Cm5snt8Yb%2FICq3poQlDo8qeup6qOz7EbMblNSx3WN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7f818c664f1e6997-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-45.png
securityaffairs.com/wp-content/uploads/2023/07/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/07/image-45.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2488b8fea1a0d0951af61a3f55c92d707bdf4a673b35d305d93661fb777eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33398
alt-svc
h3=":443"; ma=86400
content-length
72551
last-modified
Sun, 30 Jul 2023 19:11:56 GMT
server
cloudflare
etag
"64c6b5fc-11b67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BmYiSZsvC1sLcyMuXwfgfLhEFU2ACE1Y7Ir9B8wT7RmDOQAvuQ1Ad6fiEzMW3Z8kkOxwxtSLr3g1nFhUbiWgFWalRMRF%2FajvaqxANIwia2UxDKkIV1G5KyVfbFGZjAFitbFAJkoOCnxOZ3P85Ox9p3b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7f818c664f206997-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Aug 2023 10:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d9fe95-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL0EWWoCQ0hbL7mTCVwWTjXWP4udceIAJwBUYnFp98GIl2Wnj7NuuCGFw9AjNC98V4aX8bW1fuJuK1y65vssAt9GOqZqaNMRvTRn%2FepZ7LQrLFdLkuCrW%2FD1M3CVIkQoNE6l0Qg%2FxLftAaUeXiAMZCAm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f818c63bc086997-FRA
expires
Sat, 19 Aug 2023 11:24:02 GMT
image-44.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/image-44.png?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
16e5ba3dfcd97cd7f52ee974e66a8f30bdc2f1b565bcdc7a6db66185c82a05b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 17 Aug 2023 11:24:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 00:42:54 GMT
server
nginx
etag
"89657fa54ba5ae89"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/07/image-44.png>; rel="canonical"
content-length
3956
expires
Wed, 30 Jul 2025 12:42:54 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c50826cdb497c6a342ffa838f3d57b31e245246f4493af3994f6e8d458044bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88871
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 11:24:02 GMT
image-cdn.js
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
125880
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:53 GMT
server
cloudflare
etag
W/"64d2c3c1-2bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2Iwy2PtIZf1Tt%2Blbqf9OwDkQhVmSmahR2NPU1Ea787QEMFOW3kXEACI10Z%2FFCY8vfZed6io5l0FaP8d5tmafEGespabxtKf%2FrKjyVlqkRlz%2BAttNw1MHhlAPwGKO%2BjNygZxCp2a0xK189jDoMY7VQGE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c63ec416997-FRA
expires
Wed, 23 Aug 2023 00:26:02 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131938
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:50 GMT
server
cloudflare
etag
W/"64d2c3be-2a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKvBawaf6VcsekG58Qu2VSksxpJZGBJNc60MRy%2FU0OcwHfEn26i%2FqJFnhoNsh59NwJPMeSgv4yr1E5ChlkuI3IZ0G%2F8UPDickq2VF7U%2FWJz1ovB13%2Fw%2Fo5PA9HfnRPDKN7dQINrKS%2F4MsjFWwKadapMy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c641c656997-FRA
expires
Tue, 22 Aug 2023 22:45:04 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131938
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:50 GMT
server
cloudflare
etag
W/"64d2c3be-328f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PifmfoThXnGJj94cp984kMhAOWC5LnGIGf7TTQNcY4TX86eY2BN4tKL3RhoE%2FGKC%2B3V81RhC6IHNLsy61xsArXzB4n7C1EIf8%2B%2B7VZOgP%2FMNsRL1iaW0PPP5zbEpc9cJ3oaeQqe0OoleXPrZy%2Fx5oIFY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c644c986997-FRA
expires
Tue, 22 Aug 2023 22:45:04 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339121
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Jun 2023 12:32:52 GMT
server
cloudflare
etag
W/"6485bef4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOE5KgMvzkdsldyxoh5H%2BIDZQ%2BIOqb9sj02nhwVTB%2Bt2Dl9nA949xdtI0RndVb5I5%2BlRMsOV3eqvO0AjWMFpbhO5Wthc0goFYjzXM57qgiCQLW4tGHV8I41%2F22KSRJa91EbTj21sFjGQq6V9XZzomEZY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c645cb46997-FRA
expires
Sun, 20 Aug 2023 13:12:01 GMT
hint.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		467 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186288
cf-polished
origSize=987
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7bdIl1zEuN%2FnqzG9H%2BemV5GUPBVbUepc19CQVnjDhJd28UAz711%2FJdF7yRMSCcJnEgXc%2BvED37XHiuzPU7%2B%2Bsnnnalus%2BiJ03BUPLD3162824NNoIqsUXxNAIx%2Bku6ljqcFhX%2BRZIuo23cVkTCFEXNB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c647cd06997-FRA
expires
Tue, 22 Aug 2023 07:39:14 GMT
jquery.tipsy.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186288
cf-polished
origSize=4371
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-1113"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm7eQYuin9GlmFOMMN8urFLTaoSw1uUcVPqjRjuQj120Gf4u6yzHKg38AQbZUgs23VO03XfLQoDw%2BzXFMBKFIf8Cryzfm%2F1to87yw9a5o5Onfn7i%2B4XpzIB6syS8%2B9qgi8tpqCwJZtLv%2Fm4bYsNWzBLJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c64ad046997-FRA
expires
Tue, 22 Aug 2023 07:39:14 GMT
jquery.easing.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186288
cf-polished
origSize=8097
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-1fa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmBsUJJbf2iql5k6Q2fGSXWdrO3Hc%2B0EhsVAJP0Hvf9TrkCRvBDqf0v7flJ7Z%2BLAVb6D%2Fptpi37xwCGHXYn2TP4EZsF24uY1qcZBBWziUpD8hU7pqS2uFE3Y4urtLKSfdOOaZu83M4UcNB2xENHlqISG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c64dd456997-FRA
expires
Tue, 22 Aug 2023 07:39:14 GMT
browser.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186288
cf-polished
origSize=2614
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
cloudflare
etag
W/"56710b88-a36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD0F1%2FP7VWAIJM%2B6cB6aiO5Zl2uCAxzAHv7zdjRVEF5Sj3Ke6m81mApJVqW9FjznlH6ml5ygKT057yxuOXVQN9bX1IbsSJiFu%2BDDgVe%2Fk9OgfWZM4hNBpafuhUHJdEdqyOLxT86Vz6%2BJf7K3HcUVVYmu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c64fd5a6997-FRA
expires
Tue, 22 Aug 2023 07:39:14 GMT
jquery.flexslider-min.js
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
186288
etag
W/"56716d3e-53ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARcOEee2sz8HhttCavp1xX%2BBOMkeEB%2BYzfmBnAY6bd5SOON0z8VzY7RNL%2FzPEly%2FiHmrIrEpwWfZlOjHPAqeOEkMCKBUS3jonkBGhteXVamYAZNjHk3H3XPnDiGlai9rzNtEh1OPvtMgWKz8rW%2FF%2BPHo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c650d7c6997-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 07:39:14 GMT
waypoints.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
186288
etag
W/"56710b8a-1f6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W17xYUv2MZ6OwFCZy0WhfHboE%2FwdbcYweDvxMDaN9tUQLgVnbM6tK%2BHNjZ87cQrJQwh2C%2BPdtNL96fYwpFvdKnQeS9xg9Fv0TTzAXRwKi2HxKEm81Goq7%2FTBpFRU7nl3ky2aERmm8mHiW1J1n5ZUgjva"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c653dad6997-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 07:39:14 GMT
mediaelement-and-player.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
186288
etag
W/"56716d42-11571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xmq15OTu5HPFpo24OKTCuRdlfnGUeEjK%2BPWXevRigvqY8mZuA0OSuUitH9J1WqHSqBMXsJ%2FL9HAou7Dlm1E37AOUBAJBp5HC0hFDdWCIoTPF1DfAA8pzeiRoiEzfo%2BFt58u%2BZXy75bCy9HIdfVgO5oNx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c656df56997-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 07:39:14 GMT
jquery.swipebox.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
186287
etag
W/"56710b89-2a67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3A%2FkJCnpfY%2F2A7FBT57RLpCJQWQcwECjR4cEONp8J9xI5EMHQFMDE3du4Ft6KG20Snf%2BW9e4KHm2owTtAZqatb727ujzrltRCo9yXk%2ByC03czG%2FBJWfpQUaFrJN8xXk1qKhGJiJAY689iaYaVvFSL3S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c65be6e6997-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 07:39:15 GMT
jquery.circliful.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
186287
etag
W/"56710b89-c18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FHmMuH%2Fu%2Ffqwfz%2B4VNXDMsmJsWtQAzuIekDUWANwwfaNA2v5hxZc5AkfLdtKGnHBUdbGjlDQFPR1%2BDQPvGlLeKsn4iF%2F0cLq0MzHFM3jPUJ043obTO6QIQc7wUphUVj28IZyRxqkprqzvys1FyJZh5D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c65de8b6997-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 07:39:15 GMT
jquery.smarticker.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
561388
etag
W/"56710b89-3225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1f2wdfxE%2FBVxNEyyzFaWAqff9tnRlu9CXngcqKD9F%2BzcySxJZ1GBGZsYJ24v9dlR4SNGkjnkOTtS%2F6Y3FjtWVIYH3CzV8d2DppcIn4oBsb9jfg2VZ8sEaDDGnAFfXyK4l%2Fv1vPUu%2FDLMZT%2BOKKj73Eo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c660ebd6997-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Aug 2023 23:27:34 GMT
custom.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
542993
cf-polished
origSize=12756
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
cloudflare
etag
W/"56710b88-31d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuGIa90BMnLVqHrwKJgpJCu1cXYQQn3hrhOjh487uC%2BQk8hPTqRDPHiGiiIjSFKkMDu9h4bJPwcYiyKhobZeUaHsflZDS7vprBWU%2Btb0mRM3WnkPDdb7tq80p6wpo3HZYp%2FApbRGNeFqtOykRfR4Wdas"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c662ef96997-FRA
expires
Fri, 18 Aug 2023 04:34:09 GMT
e-202333.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202333.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Aug 2024 06:45:23 GMT
sharing.js
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=12.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131938
cf-polished
origSize=18206
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:54 GMT
server
cloudflare
etag
W/"64d2c3c2-471e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZl6jVhANBOM%2FYx9hI%2Fsf12isk%2FTtLHD7Q%2BmvVEATBrBNoH8N%2F3OxtAOl%2Bjdo%2BHMgDO9ifnTpPYf4EEF1tu5o0yI%2BhTYHEITxR8bDfKW7GviRcL3JDP%2BsiCk35UXXdaRSY%2FuH9E0FIet4VNm7K86nzY%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c664f1d6997-FRA
expires
Tue, 22 Aug 2023 22:45:04 GMT
e9d5bd9b-9213-4118-8c16-15ebe5591798
https://securityaffairs.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://securityaffairs.com/e9d5bd9b-9213-4118-8c16-15ebe5591798
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47adb54c911f5d491a851513106656a0ad00dc15ccd7c0661012749e588b22f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128226
x-xss-protection
0
server
cafe
etag
1616084318563843591
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/ Frame 12DB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16027
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 06:56:55 GMT
etag
13776922816869014096
expires
Thu, 31 Aug 2023 06:56:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
64b5cd2fd23b930012608ffb.js
buttons-config.sharethis.com/js/ 		927 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/64b5cd2fd23b930012608ffb.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:23:37 GMT
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DUS51-P1
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
927
last-modified
Mon, 17 Jul 2023 23:22:28 GMT
server
AmazonS3
etag
"56f01d1dc4635d0cd55fc8c794bbe43b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
Musx7uOoOw8ET27rLxK4f2R5ZmvY0WEfjd7BVKddgaoHoC0dNg_jtg==
gtm.js
www.googletagmanager.com/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f6d12bda9c66d3ed2e0cea8d29bc5e2adbb8d915dc54956c43d2fa326f5a401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44428
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 11:24:02 GMT
pview
l.sharethis.com/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&product=unknown&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Experts%20warn%20attackers%20started%20exploiting%20Citrix%20ShareFile%20RCE%20flawSecurity%20Affairs&cms=unknown&publisher=64b5cd2fd23b930012608ffb&sop=true&version=st_sop.js&lang=en&description=Researchers%20warn%20that%20threat%20actors%20started%20exploiting%20Citrix%20ShareFile%20RCE%20vulnerability%20CVE-2023-24489%20in%20the%20wild.%20Citrix%20ShareFile%20is%20a%20widely%20used%20cloud-based%20file-sharing%20application%2C%20which%20is%20affected%20by%20the%20critical%20remote%20code%20execution%20(RCE)%20tracked%20as%20CVE-2023-24489%20(CVSS%20score%20of%209.1).%20The%20flaw%20impacts%20the%20customer-managed%20ShareFile%20storage%20zones%20controller%2C%20an%20unauthenticated%2C%20remote%20attacker%20can%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.201.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-201-159.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:02 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 03:38:46 GMT
x-content-type-options
nosniff
age
27916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Aug 2024 03:38:46 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 21:04:36 GMT
x-content-type-options
nosniff
age
569966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17908
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 21:04:36 GMT
fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20162098
etag
W/"56710b81-ad90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNdtqYsUNd4C%2BYP4kEiI0ttuxfF6VSxOdT3S28GWrwT0Qkf%2Bu838wXgAvlWAN8bsgtRC%2Farpd9IUOmwQ8tTeJVegT6DpKRmHCgAcsb2a%2BlYR3BpcemGnv69RPBoe1rc%2F3iNXc06nWFPQWiKR%2BwY22YJf"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=315360000
cf-ray
7f818c666f3c6997-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:19:27 GMT
x-content-type-options
nosniff
age
111875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 04:19:27 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 23:21:55 GMT
x-content-type-options
nosniff
age
475327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 23:21:55 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 02:30:15 GMT
x-content-type-options
nosniff
age
464027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 02:30:15 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
486b694c4933bf0e1a51c429bdbd97e80ac818f4005c89885800230da524d4de

Request headers

Referer
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/octet-stream
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 17 Aug 2023 11:24:03 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Thu, 17 Aug 2023 11:29:03 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"90081d39f1874091"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
30524
expires
Thu, 26 Dec 2024 13:09:36 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"f66b518bba6e1555"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7234
expires
Thu, 26 Dec 2024 13:09:36 GMT
newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"d8c02e2ccf1e41bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
18968
expires
Thu, 26 Dec 2024 13:09:36 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 00:56:49 GMT
server
nginx
etag
"a583ea31753e6f10"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Thu, 26 Dec 2024 12:56:49 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=148981&tz=0&srv=securityaffairs.com&j=1%3A12.4&host=securityaffairs.com&ref=&fcp=3045&rand=0.9703971859213183
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
twemoji.js
securityaffairs.com/wp-includes/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132314
cf-polished
origSize=33089
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-8141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUYDONZRwle2bIO85G2Hsp7D9PvpJHfT%2FyMNI5OOH5Qmi9VJW9CfcAxWbur8lmnQ%2F2%2FPaQRvDOOIoqt3TmBcYV7jAF6vApU1AqSaZhlqObEHv0zL9lO211AqjuI2blFRBjVCKUsXUqxxaMHe46uTUTfv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c6728136997-FRA
expires
Tue, 22 Aug 2023 22:38:49 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8cd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132314
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR0WB5Yx1ZXBRo0CYWbq9eAg4Vb5cmzOCtzD0ROIDgjQhWtKquP0VBvVHc1Glr72i9DuSKr4VWu5%2BcvmHnKihcFyzax7IjXOcgCBoTp0%2BvqpJQb2FT8t%2BGZZCRgFLI2LI%2F6Y9AUNqYg047q1VPkV7m1o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f818c6728176997-FRA
expires
Tue, 22 Aug 2023 22:38:49 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08b2adb7bea8385de91029fc75acff41eb5892ac13fb94228370d78b2483624d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82009
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 11:24:03 GMT
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3890&_p=1013763069&_gaz=1&cid=427256701.1692271443&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692271443&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&dt=Experts%20warn%20attackers%20started%20exploiting%20Citrix%20ShareFile%20RCE%20flawSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=427256701.1692271443&gtm=45je3890&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=427256701.1692271443&gtm=45je3890&aip=1&z=1067846453
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je3890h1&_p=1013763069&cid=427256701.1692271443&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692271443&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&dt=Experts%20warn%20attackers%20started%20exploiting%20Citrix%20ShareFile%20RCE%20flawSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/cli/ 		42 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0844f9c0583891902cccc7829921a0a4d2605e7061ced2496a02cb8170e2a245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c680a073a86-FRA
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7b8b50ec3d6b55c29ac046a55b597e1f951cd9e6093bb7badd4d233920ddd71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AD31 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1692264243&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692271442528&bpp=401&bdt=131&idt=688&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7072651159571&frm=20&pv=2&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076876%2C31077148&oid=2&pvsid=538799672571642&tmod=592097280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=710
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1692256733/ 		13 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1692256733/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 07:46:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c68fb6e3a86-FRA
content-length
13
alt-svc
h3=":443"; ma=86400
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/obj/1692256733/ 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1692256733/221a5a398da89ace8729d1cd3c481ec7.json?cc=CH&hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5c159ccf8b6fdfffad548013be4fda608eaec863ce4c2f657c3cbeb6365f724

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 08:09:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c68fb733a86-FRA
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230815&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4728543143887e2e3729f6bada9b14a3ac96ff1940174355699556fcb849b2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11683
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 11:24:03 GMT
prebid-7.48.0.js
assets.vlitag.com/prebid/default/ 		561 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
704822
cf-polished
origSize=575587
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 08 May 2023 07:36:47 GMT
server
cloudflare
etag
W/"6458a68f-8c863"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
cf-ray
7f818c6a1f3d371d-FRA
expires
Sun, 09 Jul 2023 08:07:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3b7bc072fa5a0e6941517740695cd57e6de650aede4d0508604deb9a6c3cc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28636
x-xss-protection
0
server
cafe
etag
562 / 19586 / m202308100101 / config-hash: 4602172780968577675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:03 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Thu, 17 Aug 2023 11:24:03 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1153970
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
cf-ray
7f818c6a1f3a371d-FRA
expires
Fri, 04 Aug 2023 03:21:03 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:40:02 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 21:28:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2641
etag
W/"a7247ead77dd201b1e56acf0e565194b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
brqozrjWnOvLN1f7kwhdkOfXeSAFA8uxkeaLEofJ0dci586KUTJigQ==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C455 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 10:58:22 GMT
expires
Fri, 16 Aug 2024 10:58:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 516E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c44aa2e6abb9460ec8174777e99be9e3e539c6cdb55c5054fd707ed22d1365f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j4kVii3elgzqpf2XSSzexg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-j4kVii3elgzqpf2XSSzexg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:03 GMT
expires
Thu, 17 Aug 2023 11:24:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
pagead2.googlesyndication.com/bg/ Frame C455 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
137339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14718
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 516E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230815&jk=538799672571642&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
date
Thu, 17 Aug 2023 06:37:18 GMT
x-amz-cf-pop
FRA56-P3
age
18290
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wAy2I4BathOCrtvjgdqXtD5wLebYMux8i05doNJNckXkqq0793dJ7g==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
3224
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 10:30:19 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecurityaffairs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 07:49:04 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
12898
x-cache
Hit from cloudfront
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
quuLuD0-5a6GB7kEG5wyyNkaQ4PAaOx1LUNWMeNl4YkJLH_ivRbBrA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230817
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f4ffa37f1248e72a8a1694f0ddda6a01e8a9de7762db4e5e45839577f898a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26590
x-jsd-version
1.0.1784
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4535-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-yzB+AVsdTJ7uVbjYg7uoqwfHXg0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEzeOJewrNJnakJ%2FHkqAAYsFlLqulRcFezAv72zKTCC2qHjUzrUD%2B1LiZ7RuTaxvRKLVWYc1KRyH2EaFjwBAbHgKjC09yfhOMOl8Xf9vki67YOBX%2F7B3BhP65gByUSINk2gsQRk%2BGerygD7bKgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f818c6b3e37923e-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:03 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
516288
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoxTinuJpDvxYDMZqCo9h03Xh6QfEe1nnIi1xNdWc26c1wzARcjpf64grwrZB9CYk%2BPlT7QItX0L%2BDvngVoUILrwmSGttdUtEZKBxxDsnjI1t8OkyF6EGjvqe0QbSCzvG1fk%2B2UIj6v7ooMW"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f818c6b9b6a043a-FRA
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f81477562243cff0c56616fd2a1b40a7f1c229ecdb950eae4e5e119234344dc

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:24:03 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f818c6bac03bb43-FRA
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c6bad773619-FRA
access-control-allow-methods
POST, GET
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
Q850E7RK9K52YB6T547M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
qS2Q7uQYGmyows6Gc2K7hUCH61sXaLArzjUwqG6oCdugXesff_2mGg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=T61bmRCX6hI1b&cb=0&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_24493109421_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A109421%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
VYXRVACWW2XN5Y226PNG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
OHY9wKcQis68Zx3adJWLJ1zUseBSdG2rMvrC_0qOA5cOxk35GXwvbw==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAaPYTRzdNyyqttwKZ-aMrT-PAMB-Mtrq-MaKMKrTMewwKRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRwkjNARkjmNPTAbYBTRwlNldqkzqrltkctk,qdb,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOq%2FZ10bt8BFQ%2FkQWNbnJmvou39UXk1iLDScNX59guI%2FHUvcx%2Fom3U1iykhGSTc311jfw3riNlyPkFAtvUCboeEQQQYkqS3qYH2dfDqIH0%2FYTMRnzY1ezOuv8zOTRVZPj4gv7Z5hv5vFevtj4wn%2BeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bbf142bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAaPYTRzdNZZUaKaYa-TZYq-Prry-qeyB-YKPBBeUtYBetRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YPPaBTAaPYT_oflzktqdRwkjNARkjmNUPAbPMARwlNldqkzqrltkctk,qdb,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrPkjVDLfRSGrro4mbRQ88pnNFwPIzYwuCXSbq7Fk%2BO79f2zl0npIfyOMzIPf%2FqMZEXA4kZ46mjU%2BTGAv30zogyYgvPKhh1VlUay8SeL1qlgqiq9gGCb2%2FI%2FxzWZ7nsb6QS9riWF7NLAvJlT7CMagQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bbf192bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAaPYTRzdNAqqqUAPA-ATUK-PTPa-wwTy-YwaAYTTMaatBRlmNBBUbPMARdzNwqfftkRqxeNco_YPPaBTAaPYT_wqfftkRwkjNARkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNqrquog,kzwigxlt,qdb,jxqfzxdrtb,hxwdqzoe,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Je%2FM3yhhJAMqje6QqIe6S%2FAp6a6tzTTUqtLbxOWjNh4RgXWcVVWhyx7HOtUzy1HpE%2BK7hrJbR604Nd24XfuE4ONsBnTJEUDg2nUKwK1v%2BD4ALVd6u3Zu862AKEuFLkGnALYboRv7wweaEhsRkQbWew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bbf1b2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNTaeKwAYK-ZZZP-PUKt-MyBB-UKtByMTKAUqPRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNTRmNTAaPYTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezBzReotL1atUtDOrL1hOMpU7oXmvXflbv0ygUFceIRDHg%2Fgp5tVmz%2FRXefyF9Y7J3IVo0%2BTWKND5IYrMEP6kXVum%2F67G3p6RVTPeNHfrSEfh%2FNZLvEtdsN0yS29%2Bbwue7IEBSiuRBLjEXcafTelqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bbf1d2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNYZPMMTrP-wYBU-PKTy-MqtP-MMKKqqBBryPYRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNTRmNTAaPYTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuzJZVK%2F%2BrCpb44N3pgdozowu%2BTaBgVREBMC5H%2BLYrqLi2HiUFhlqQiC7JPW57h205lEFT2Q5QgOo269JF6CEdpMUQ6lLveGQtF1kl1kKi8GzVSd2N039hc4VhpVf3Jw7sGozLjex4dP8w6dLzYLjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bbf1e2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
RW8CWZRW9C8AJ4ZT8YF2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
L7mx4p1iKaalQc26aE8neUws6kmB12KT-dWg0anFWKswcHmWAy51eA==
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
16
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		1 KB
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f81477562243cff0c56616fd2a1b40a7f1c229ecdb950eae4e5e119234344dc

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:24:03 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f818c6bac05bb43-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c6bad793619-FRA
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=T61bmRCX6hI1b&cb=1&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
PZMA0JM4TQDN0ZMFFMXC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
5jZnFiXqNoWiWGTblhtGayc5liYtOUEiXAW4DW5NrN38PxpAxpFv0Q==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNKqyKrKKA-TMUr-PrAP-wyAq-KarqeYyZZyBMRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNARkjmNaKAbaARwlNqdb,qrquog,hxwdqzoe,hxwdqzoe,jxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onFv9ti67KTrYaPvNG3ZLf3H0mCPnHlFVp9sZgb8VS73nK35zWdL2iVVKH9rC2aG%2BcwYByosGCO1rwQl6k3Rw%2Ff%2B5vnu8T1PDwdqKXIXgTwF4wEsZ7X2WF4Dg%2BczzVh9GhWTiDZGqC1i%2B33F9%2BROQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bcf1f2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNBPrAqPqU-MYew-PYTq-arUZ-TBUABZwYawKURlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNARkjmNKYMbaARwlNqdb,qrquog,hxwdqzoe,hxwdqzoe,jxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce%2BeKBBqvIbO8NrlBAwJ6m0nGzK0%2F5Se9zDLOEMa7ZIf7vdS%2BvJNvF%2FWj908FeEhFfJGSiPpYY0AKALpZt1pmxmOJIexMo0xH3Op4ih3jtvfv6UcZvGpNhh1XMzVQEZ43vtXEYiZjpfHnUdR7qY%2FvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bdf402bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNwMttyUAt-Beew-PrBy-wayT-yUMZPqPPKUZKRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQR22w%2FEpPS0y6AnmCOD68IV89pvtSosXzf2hxfViR0b8XPZhuIBj7EAhPvyuAcunJZhBPFTOaNhBJgxcwC85ci6riBZ659RfW8hXx5I3s9INeHtOvlQ%2BoT%2BoHR45TGuzDW3bqtvqCxjLzGVsN1e5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bdf422bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNKMqTyyry-KTrr-PZqY-qqya-yrZaewZAwePeRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BJewx7wo9oRvMuwP4SMgoTDrhcmVrUUEAPo25NdKkUJDU5VBkNv8cyHh3NjJCJrORRlX7LRl6qt6KSbPNrcg5iu76LAO0U3RxZKXT5xMD49%2BDBReS0E5jjlTNRwuwTgojEomtqtlwDzRLtvVIp7mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6bdf452bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
ED35FET5J8AZQH021W9Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
sydbm-JQhqGQJhjEUx1lH_llsNms8V7vl1_NWI0KHulvN1aOnHGz5w==
1679645040.png
assets.vlitag.com/widget/2023/03/24/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1153967
cf-polished
origFmt=png, origSize=323185
content-disposition
inline; filename="1679645040.webp"
alt-svc
h3=":443"; ma=86400
content-length
100856
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 24 Mar 2023 08:04:00 GMT
server
cloudflare
etag
"641d5970-4ee71"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
7f818c6bd99a371d-FRA
expires
Fri, 04 Aug 2023 03:21:04 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52111f9e6db1ec361845d907da70d0ef22220d0c4981103c3b880828b730fd89

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:24:03 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. No supported banner or video size for adUnit: vi_24493108384_1
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f818c6c0c64bb43-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c6c0e1b3619-FRA
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMPRzdNwarYZrKe-YyZT-PAKT-MZUr-PwaMYTAwTYUBRlmNUPAbBAARdzNwqfftkRqxeNco_YPPaBTAMBMP_TRwkjNARkjmNUPAbBAARwlNqdb,qrquog,hxwdqzoe,jxqfzxdrtb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQi6xdDiS7pg9qNt1egwSwdAOTm7l1H6vOj%2FNqypWdR7a30q4o0CRhgOIzNwMvoOumnxJe8tCdKIfCJxzNlkZDsOIPOv9d0VEYeQX6JZ3QidyB9RXjxIuxdfdK1nHNEOW7QoS%2FQlUmnH4IqCmI5Y3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6c0f8a2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c6c0e1c3619-FRA
access-control-allow-methods
POST, GET
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b61ba2731b2d5b0c331a0b8956f40382c28856d78322fb74eff0cc539d889b2

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:24:03 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107667_2, Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f818c6c0c65bb43-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:02 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=T61bmRCX6hI1b&cb=2&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
23DEMQ1PRB9VXGJ5XHC9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BiDBYL9x3djnz4U1-qbf10wg77GTYKOT1uar7bkvq8NYf76RXN01CQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAKUUKRzdNaUUwKyKa-wqMK-ParP-aBMP-ZqayUettZByZRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_YRwkjNARkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNkzwigxlt,jxqfzxdrtb,qrquog,hxwdqzoe,hxwdqzoe,qdbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KeEvGV%2BJV8qdPm%2B9V4iX%2BP8YB4zUukz8FTbtAe6%2FEb8UBxc7kKeoWT%2FNqvir4o3zhzmvzFyDF4sihMiCKtjDtRWIxkl5fEAU5sfXRJzyjvk0VS%2B17cP10pf5QFjAvweGWINDhFPW9I3oVs0op0t6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6c0f8b2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNMYAYywZB-tePZ-PMAP-aeeY-YeqTaqatetaqRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNTRmNTAKUUKRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgf04BIpZucCKOVNXOG%2B2zw0PvOfvQk8J3222goHpVmw1r176ohuUDA2IhjZCy88IWwzyq7vs75XLLDCMn%2F2B1%2BnInBH2oQl22kEPUdb8coWTmNJcef5ypTh9QBKRf0eWTaCJm3iKWI1uqc6lxv0fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6c0f902bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
generate_204
tpc.googlesyndication.com/ Frame C455 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dYQbMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
videoplayback
r5---sn-4g5edndk.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C...
  • https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C...
161 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:2b::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1692271028&mv=m&mvi=5&pl=46&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJe2Rxe8m8O4zNjS0zv0PROUxoQFZlCUo3cx1K2ekwF0AiAkLybsC98Py5gz8kvHnyqySvs716jc-wQiVqpASPP2VQ%3D%3D
Protocol
H3
Server
2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 17 Aug 2023 11:24:04 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
last-modified
Sat, 03 Jun 2023 08:32:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-33307028/33307029
cache-control
private, max-age=19694
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
33307029
expires
Thu, 17 Aug 2023 11:24:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:2b::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1692271028&mv=m&mvi=5&pl=46&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJe2Rxe8m8O4zNjS0zv0PROUxoQFZlCUo3cx1K2ekwF0AiAkLybsC98Py5gz8kvHnyqySvs716jc-wQiVqpASPP2VQ%3D%3D
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=T61bmRCX6hI1b&cb=3&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107673_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A107673%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
54Y6H3XKM0TWKQ89E2EQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NQNjBN9zAizwxCXBAxE35A1uZG7pLecAiqiRwvxTulpQNGHo6Fl3jw==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNZtyeKaKM-Mwaa-PZKe-qZAy-MqZAPZYKqqUURdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNTAKUKBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xj%2FMnkZHFtrCr1RxV7byoDUWZPifhZCmLGs%2F4ubm%2B5VMMKarjDYy04pf4tkGcTLQTEYEtnYn6q7O2kuliMYiHbcfyrSBJGmzY%2BFGA55y1Znx6Kjp%2F7XJALCkYDnBS8kBuwSpiwHU0uUP6OiV7KXC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6c1faf2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
XVVNQPNJNGGD8XA2MGAX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
cqVEIQQmytVDJbskbtZXhJQEkdWAyDUpkZq1gOF_IB0LOxr7PR2oVA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=T61bmRCX6hI1b&cb=4&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
AE36KK50R6Y74V42YWEA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
q6nhssdSC9mze_lk1PJ8m5sgBS__h1iBf5CcVSblCIeXahWsQ7N7lg==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNYTewPrMy-tYZP-PrZA-aZYU-TZAyyBTBPwAqRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNARmNTAKUUKRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8VqW4joWbF7V2c3V30Cc7hYG1XicW0pZFEi3TEVhBXuynq2xGPp6GVvENh%2BeZ11bytSRGUpQeOIBgzAFqBcPlhiiIaAyBU8B3MeeC9gU7HvRP4kvrwEKnc1v3q1lMm6EF2O18yCmK%2Bu8NMtPJshaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6c2fbd2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.64.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-64-218.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ee47c4d401aca1a1f5c2ee96ce3267e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P2
x-amz-rid
4EFDK8RKAWG3DZ75QTWZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
JRy74cs2F_V8tPS76lbQCyoy4aJZrV2Q52weA-VbL38lIjD76_rOVQ==
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
last-modified
Mon, 14 Aug 2023 12:28:03 GMT
server
cloudflare
age
0
etag
W/"c33119e4566ec99f3327d83c499e437882fc6da2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
7f818c6cd96c3630-FRA
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:03 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
498043
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6xD6Fdf8uZE8QFjC4bs2gDPq8eh5QgS9O8MR5vY7q%2BXoXwpxkySM%2BixR1oqnERmlYhwDVGFutaYj%2BbCm5zxz8QqAfNITUFJ5JGcePu0L3uLuLjiOWJrgLMQdhnEzZpDBv2Esn%2FzVzselEVF"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f818c6ccce93644-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A74 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91874
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1801 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91874
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame A959 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
server
33XP006
x-33x-status
2000208
/
ssc-cms.33across.com/ps/ Frame 912B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
server
33XP004
x-33x-status
2000208
PugMaster
image6.pubmatic.com/AdServer/ Frame 1801 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9019597&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f301466fc57b3c08828a15dde7fac0eb8ae941d4884bb6caa10f626f615fb6f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 11:24:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame 210B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Thu, 17 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
170008
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A08E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HB7ME3QMF5T23Q2HP3GS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:24:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YQ297ZST13P8PATRPWY6
Pug
image2.pubmatic.com/AdServer/ Frame 2DCE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame FC00
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7459351539056021238&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7459351539056021238&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8a218ac5-46e3-4179-bd87-75f196d2eafb
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7459351539056021238&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 95BC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 11:24:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 7ADF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268250507939412111&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268250507939412111&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 11:24:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268250507939412111&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 9B52
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN4DVAAJOvhoaAA_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220104-FRA
x-timer
S1692271444.317504,VS0,VE88

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN4DVAAJOvhoaAA_
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220104-FRA
x-timer
S1692271444.187401,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame 8DAB
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 8BA6
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420622270184
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420622270184
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 17 Aug 2023 11:24:04 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420622270184
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 4040
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGNEtFN0p2QWNBQUNhdWQ4QjhKZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAF4KE7JvAcAACaud8B8Jg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAF4KE7JvAcAACaud8B8Jg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAF4KE7JvAcAACaud8B8Jg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3100904523491322904&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF4KE7JvAcAACaud8B8Jg&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF4KE7JvAcAACaud8B8Jg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF4KE7JvAcAACaud8B8Jg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 80FC 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame FB9A
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU0f722e4dc98245b6a949c31708e64d29&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU0f722e4dc98245b6a949c31708e64d29&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU0f722e4dc98245b6a949c31708e64d29&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 85DE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7963049915053187346
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7963049915053187346
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7963049915053187346
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame E948 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame AC23 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:04 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-25969e8472eb@version_1.566
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame FDEE
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1f38ailjgtm0
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1f38ailjgtm0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1f38ailjgtm0
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
2
Pug
image2.pubmatic.com/AdServer/ Frame EAA2
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8cb3989c5dc47795/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSjhYRSRjVQjWTTRV&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSjhYRSRjVQjWTTRV&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSjhYRSRjVQjWTTRV&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame FE0F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f818c6f783f3735-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f818c6e4e4f3735-FRA
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
364
setuid
u.4dex.io/ Frame 81F9 		0
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1801
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HprVdceJQ06053aEvu4C-w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=91874
accept-ranges
bytes
content-length
5606
expires
Fri, 18 Aug 2023 12:55:18 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 1801 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.170.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-170-80.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.59
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 1801
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2036628588
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1E9AD575-C789-434E-B4E7-7684BEEE02FB
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1E9AD575-C789-434E-B4E7-7684BEEE02FB
date
Thu, 17 Aug 2023 11:24:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 1801
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTY5TWFSUW5Ub2lSZzZMR3NyUmdQeFJiQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2407697930668253618&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
54.157.243.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-243-229.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1801
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUU5QUQ1NzUtQzc4OS00MzRFLUI0RTctNzY4NEJFRUUwMkZC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1801
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFzlbslW6-iakT24nbVefAg&google_cver=1
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFzlbslW6-iakT24nbVefAg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFzlbslW6-iakT24nbVefAg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1801 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 16 Aug 2023 11:24:04 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1801 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1801
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2407697930668253618
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2407697930668253618
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2407697930668253618
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
1E9AD575-C789-434E-B4E7-7684BEEE02FB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1801 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1E9AD575-C789-434E-B4E7-7684BEEE02FB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 1801 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1801
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=0&gdpr_consent=&gdpr_pd=
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1801
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4138269106523966498&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4138269106523966498&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4138269106523966498&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1801 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1801
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:da1ce358-6341-4720-a91b-ae40fbe355cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:da1ce358-6341-4720-a91b-ae40fbe355cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:da1ce358-6341-4720-a91b-ae40fbe355cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1801 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16a5200a698489cf33d3f902021c2454845ea9fe452b32ef0ab39705100c3a9

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:24:04 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107673_1, Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f818c6eaff4bb43-FRA
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c6ea94e3619-FRA
access-control-allow-methods
POST, GET
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAKUKBRzdNYPtaMtrM-ZqtY-PKtw-qqYA-ywAMtBMUAarMRlmNaKAbYZARdzNwqfftkRqxeNco_YPPaBTAKUKB_TRwkjNTRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARwlNhxwdqzoe,hxwdqzoe,hxwdqzoe,hxwdqzoe,qrquog,kzwigxlt,jxqfzxdrtb,qdbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7rF%2BLwvZCJ5Xx%2F%2FWfRfeAiBm7yh%2FQAWa7%2FvXABNwu2DuE6GYtDx%2F1SGYyhozkaM0HXW0w1cKavmS6jMDEd%2BpYMQAAeHc43sPHcztFlSx8PJnJwRHkw%2F6%2Bbz2ue%2Fa%2Fvg38AyJLr2fjqRXMscmyObJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6ebc4a2bfe-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18276
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfghahb%2FKpxUuz1ze0cbBtrIUNeeBZgy%2BucM%2BQza7PKpySZ9QmA%2F1ipV4s%2BhIlE2V%2FzAvdnph%2FBAlt2YHD%2BVAq3sulPUWnwqsdlJ6cXsu6TAEfRqE3ti1pm1psr9dMIVnOjEVmEp1bRodSwwl1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f818c6f0d186973-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
9JD2PVWRNGH6W9D6
age
737
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f818c6f29349219-FRA
x-amz-id-2
C78NJH9XkIV+sX3gWmjnQ0d7A0CrZ/OSO/7CSNMeogj/qizLfap+8xu2sOYpsPd/7/w1SlaLgeQGDUvfhgOumQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Aug 2023 11:24:04 GMT
prebid
mp.4dex.io/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d27078f7ffee671cfa393516ea7af971b8602ebe09fb751a2bb0c19ff6ddd4

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:24:04 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107667_1, Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f818c6ef857bb43-FRA
expires
0
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c6ef9b23619-FRA
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0cd61ca0724c74a1e9510b77c5f66ebe240576cc95bf77cf02fa5227fa53ca1b

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1801
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAKUUKRzdNTePTYTyY-wAyK-PaqK-atYZ-aPrMBtMtqYPYRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRwkjNTRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNqrquog,jxqfzxdrtb,kzwigxlt,hxwdqzoe,hxwdqzoe,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnK4J18IN8hxDNljeuHa6%2B8jZdG9NvA8AHlykXXVNBjSV9iLmzIjoS1iZfnC95XMB9vjNZW5XhdoYbgrL0BhGL1qGL2Erzy2OtQaDi1if%2BkKYRGiZBcBFiJuPyLN3eVGSY8LgioXX533Iq%2F3zHPNJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6efd4e3689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=538799672571642&correlator=3380652309285740&eid=31077190&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli109421&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dcb49db63397a2afa-225385bb53de002b%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ&gpic=UID%3D00000c6202444b46%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg&abxe=1&dt=1692271444311&lmt=1692264244&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYyIL0maAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMiC9JmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YyIL0maAxSABSAghk&dlt=1692271442397&idt=1501&prev_scp=vli_adslot%3D109421%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_24493109421_banner%26pw_tagid%3D109421%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3005700972
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3eba5a82257dd5134b9122c906f06aa9e9f60ae582f648cca486cb9bb979b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20382
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNMaeKPYMq-ttPK-PYwq-wqYM-wKtYYyMrKeaTRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTAaPYTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqprnYTZzXfvvVMSuDU4jgM8IjuHxCkA30db8msppmzW6CxlHNB9jveWoQ1EbP5fdPGwlYGpteiu5AwAi8geIBuSbtTZGbCx%2FClqBc68AniuOftSeu56zE1h%2FVcCcQTUGB3haNCnnL2ZGJ39AnIdjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6f0d683689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 05EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f1127da826eac2c1865978de2f8e3f7923abae3ad9b1fada5037b9252190437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
52831
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13180
x-xss-protection
0
server
cafe
etag
2764589781205839791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 15 Aug 2024 20:43:33 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=538799672571642&correlator=913305663373135&eid=31077190&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli108384&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x300&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dcb49db63397a2afa-225385bb53de002b%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ&gpic=UID%3D00000c6202444b46%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg&abxe=1&dt=1692271444368&lmt=1692264244&adxs=480&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=640x-1&msz=640x-1&fws=4&ohw=1600&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYyIL0maAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMiC9JmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YyIL0maAxSABSAghk&dlt=1692271442397&idt=1501&prev_scp=vli_adslot%3D108384%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D640%26hb_height%3D300%26pw_tagid%3D108384%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=1788617067
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10f15bc9a806101afcecfafaeab2fb9e5e3a493872e23e12ee62c28e18841332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15943
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNKtAwAqAr-UBKB-PtUq-wTeK-eTaBAaqKeePMRdzNwqfftkRwlNqrb_TZYdtroqRkjmNUPAbBAARrdzNuggustRwkjNTRmNTAMBMPRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rxm3PC%2BD%2Bepv1IAP5YgsZfsaZw3dsOtDioElTO0Nxr9BbRoelkWKI%2FbHgVvI52iSjROojSSCmbe3SoH0ECx2oyarKZ5wEQFhpoE%2BC3JEIMzpHcOgnhe6r9JefqYAhVEQR40%2BJ8hhZtqzKmS%2BV9TfaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6f5df13689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=538799672571642&correlator=1443410311686403&eid=31077190&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli107667&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=4&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dcb49db63397a2afa-225385bb53de002b%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ&gpic=UID%3D00000c6202444b46%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg&abxe=1&dt=1692271444373&lmt=1692264244&adxs=980&adys=2213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYyIL0maAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMiC9JmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YyIL0maAxSABSAghk&dlt=1692271442397&idt=1501&prev_scp=vli_adslot%3D107667%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D107667%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=2774311525
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38341e14f900466d968ea8a1316215d4e6dbd9b153638a2b01c46e993d1f7be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16580
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNqMPqqrYy-TYPq-PwaA-wAUB-ateYrwAaPAqwRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzTs2v30mGMhYNemDmzbfm6pktfgvtkCElQcJfbBp7Mj8EB5ZjwljahVnG86SttJxK9uwd0tCs3Vf5lXh%2Fy%2FIzESJmz8L3NtUhfzXHeV3Yj0009eBA7BWsQv1ko2xJ3ngkxLk7tRvYaRGI4zqvP9Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6f5e013689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=5cbe9d52294ae63a2431ab76bc435be4
0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=5cbe9d52294ae63a2431ab76bc435be4
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=5cbe9d52294ae63a2431ab76bc435be4
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692271444489029-540
Expires
Thu, 17 Aug 2023 11:24:04 GMT
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame AF60
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
93030b8225c244b961f2918dcc27292195efef8eb0ab969f535aa2ab329e7486

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Thu, 17 Aug 2023 11:24:04 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 17 Aug 2023 11:24:04 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919
increment
id5-sync.com/api/esp/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=538799672571642&correlator=3918853438864574&eid=31077190&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli108383&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=5&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dcb49db63397a2afa-225385bb53de002b%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ&gpic=UID%3D00000c6202444b46%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg&abxe=1&dt=1692271444412&lmt=1692264244&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=1600x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYr4P0maAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMiC9JmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YyIL0maAxSABSAghk&dlt=1692271442397&idt=1501&prev_scp=vli_adslot%3D108383%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D108383%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3262429219
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2705aeb6c87ef92c1adc8a320a224a2dc9ae39eaa30f54fb7b49b2e95ede221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15772
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNYZBrtrwy-PeUq-PaZt-aKaq-PABtqYwBKKweRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kNy%2F7y85P%2BvpTqZGTKi4Li93rs%2FNImw0GHdYsbo%2FMhYps0C2eL41pqCTaOQbjb1vD6fs0T8tdcIXkW1dRTO47bN9L265mUXfeLMnG24tYomjahootHNjghCogEVi%2FYz0yBal8A2JbS7F6eXvw9AuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6f9e723689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
syncframe
gum.criteo.com/ Frame 2FF7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=securityaffairs.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:03 GMT
server
Kestrel
server-processing-duration-in-ticks
304154
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=538799672571642&correlator=3501037088788580&eid=31077190&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli107673&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x100%7C728x90%7C468x60&ifi=6&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dcb49db63397a2afa-225385bb53de002b%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ&gpic=UID%3D00000c6202444b46%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg&abxe=1&dt=1692271444471&lmt=1692264244&adxs=320&adys=621&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=1600&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYr4P0maAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMiC9JmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4YP0maAxSABSAghq&dlt=1692271442397&idt=1501&prev_scp=vli_adslot%3D107673%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D250%26pw_tagid%3D107673%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=1424843809
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e69faea43075d0fe6eada0bbf39b44fee0ddf2d63ed00efac4099fe6d405dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11941
x-xss-protection
0
google-lineitem-id
5877303303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377370636
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNMaYPTAwA-aatM-PyYT-Myeq-atrtrwMPZqeKRdzNwqfftkRwlNqrb_TZYdtroqRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNTAKUKBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8UEEc5rGQ9pgljEcDHHBz74qTamJsbsA0z0%2Fj9tv92Nq6JIkUUlHfAGpJyxMVvgasfvF3jsI4dnPP4TNtGMw1beONNCoIXgEMGQcfHjU%2BMmlx0O7yoN0nRBa3lLxXAmw6Nx37bFCCe0g7Ioz4HFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c6fff213689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
pixelSync
pixel.sitescout.com/dmp/ Frame AF60 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Df37e14df79e0be88
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame AF60 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Df37e14df79e0be88%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
prebid
rtb.openx.net/sync/ Frame AF60 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Df37e14df79e0be88%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame AF60 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:03 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 15 Aug 2028 11:24:03 GMT
um
u-ams03.e-planning.net/ Frame AF60
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Df37e14df79e0be88%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=f37e14df79e0be88&uid=7459351539056021238
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=f37e14df79e0be88&uid=7459351539056021238
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:04 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
an-x-request-uuid
59b11830-33b7-468c-8ba7-12477a72fc7b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=f37e14df79e0be88&uid=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame AF60
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Df37e14df79e0be88%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=f37e14df79e0be88&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=f37e14df79e0be88&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:04 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=f37e14df79e0be88&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame AF60 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Df37e14df79e0be88%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-123
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame AF60
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=f37e14df79e0be88
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=f37e14df79e0be88
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=f37e14df79e0be88
date
Thu, 17 Aug 2023 11:24:04 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame 61B0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:24:04 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4A31 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df37e14df79e0be88%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91874
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6153cb23a6f7eb567426b35b81b705af87b533e24da18e5b375196b03de6160f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1809
Content-Type
text/html
Date
Thu, 17 Aug 2023 11:24:04 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:24:04 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 08DD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
205b7f268d445875cf654d01f414bee0
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 1CE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame BE7F 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a4b91db2f74091861110e9a977d736468738c0d3c651176837ff60e6e4b005
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7f818c7048da1a7d-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230815&jk=538799672571642&bg=!nJ-ln8vNAAZGPLJIZjw7ADkAdvg8WuJd34nQZId9zeTLBySo42jUurV9uLtaK62GNhyJUlgIpAIJ2gZ3HAXP6eSowAU6leFyXHkCAAABXlIAAAAIaAEHmQLRqlsdxIgNoF0qcyYlgQU3yaRwG4jms2kGz7PzrxzZLoKzLJFrJGyv4jy03Gjbn_66iqGktKYUWgQd5J1M0l_AB4KLDSDMw-3ZVIP59udYzdBcj80Ldr5fYl8HXoabmbywjsgZY5i-2sBSykGhUsLU6oV1hRRlrGNOOF1aogiDO2C7L_TkgQO2MesvIq-aUPfbOU1pEDRBUG6WKx5yiTrEhbc_guX6oR4MVKTttbE8LPJKBrXu1vBvG6sypjl8xZfXI6ptKphJA3ItnD4Nb9UxDXCePEujotuynkSPGHKvCIXopfhr8uLgFjQGRDRPwuSYTHWLwWx3iHYyUurpL-_h9dj1DLOacRyJKyBgpxOTMvNbfcS7yKvSHm6sXwgI9IMkv73r7DHXLi-rFBjGNeSnUy6wVzrdVLivVyrLA2knLlrPtJuDQ9nR1bJWznNAqj71m5OH0y0OtHg7FCUDggY7jlXo4o8QgRnyQ3p1aFD2cOgMbffkcvFWkoZI_73HU5bP29Aw_MdYXvYrhqnSn92_L_n9UVSppikaoX9yDG2X1UcoYgQWjj4QVG48gosbbifEXi_ktfSKxmdVsMkS-Qq24tkb_d3XyKJWOVgrAHHCEjcA49JO57PUhylig75_Hat0UKZChdTA99qmc_CYioJfc3G_N5Z9ntbWyT88nu5awW6ranaEDb7Biiu9KGcvLPQMgp9hfUSLWzVSJ2wPbq_DZFrFVfffvxkiMp_A_fj-EEG5EBnv33Aj0v_G8rTm_Xfsp7iZIBCrSocihvnPQW2u-vm4igwIXsYbDwAb_ZbCmudXiy1k-IzWhOPS20DGN0gLZfMu05dhj5RFA1zNoh9ePNADuwFKKiov_gYb10i3D3RRjPaTLQVMZSglLNg6LTWkfNgp6DxleJi8M7hcF2PtlnDbmMBkB8ZX0IHKCOlgMTieJ_cFwgPbZlZ675RnrV0Chg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 2FF7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=securityaffairs.com&sn=ChromeSyncframe&so=0&topUrl=securityaffairs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=OQMw8nwwazc4QjZyVmtEYnpJR1BSSDZuclVMM2FCcW1uclMzU2luUjNlUERZWTl2ZE9hekFZYTFtYzIySVN6bTNxSDk4clViM1E3TjJuN2ZkcnJZT041K3p3T2UxeE0vT2RtL052Mzg1cyt2WVlnbFg0RzR2dk9ibXN1Z0...
460 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OQMw8nwwazc4QjZyVmtEYnpJR1BSSDZuclVMM2FCcW1uclMzU2luUjNlUERZWTl2ZE9hekFZYTFtYzIySVN6bTNxSDk4clViM1E3TjJuN2ZkcnJZT041K3p3T2UxeE0vT2RtL052Mzg1cyt2WVlnbFg0RzR2dk9ibXN1Z0daZnlZcmhvQzlCRjB1VEpPamFCT1liV0FUSEY5NGJ2V3EyS056bUtEOVVFenNZVGtlczFRZnVpSkVTckxSdkJWVVFHS2ZaUWNXV2RXOUJLSWxjNkRHakhPOFdDWTNLaDY4ck04YVF5NkZISGt0cEswaVlCMzEvY29qUE1qRVVxdGNmSE1LT1BFR1VETkJnN21USGh5OHA0VmxWM05mT1dEaXNORitYNksrMTlzQUlzUmNXTT18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5427592bb5ce5e461aa4257804b39a73ab9463d37f93ac73b2d6f9d26b834195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1304101
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=OQMw8nwwazc4QjZyVmtEYnpJR1BSSDZuclVMM2FCcW1uclMzU2luUjNlUERZWTl2ZE9hekFZYTFtYzIySVN6bTNxSDk4clViM1E3TjJuN2ZkcnJZT041K3p3T2UxeE0vT2RtL052Mzg1cyt2WVlnbFg0RzR2dk9ibXN1Z0daZnlZcmhvQzlCRjB1VEpPamFCT1liV0FUSEY5NGJ2V3EyS056bUtEOVVFenNZVGtlczFRZnVpSkVTckxSdkJWVVFHS2ZaUWNXV2RXOUJLSWxjNkRHakhPOFdDWTNLaDY4ck04YVF5NkZISGt0cEswaVlCMzEvY29qUE1qRVVxdGNmSE1LT1BFR1VETkJnN21USGh5OHA0VmxWM05mT1dEaXNORitYNksrMTlzQUlzUmNXTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
297098
content-length
0
expires
0
cc.jpeg
px.vliplatform.com/br-v4/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNwABwaetY-ZYZM-PAKe-wyZw-qMPaZYZPBwerRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRysggkNAGATRwkNhxwdqzoe|AGBMPMAAAAAAAAAAAAB|BAAbYZA|wqfftk|YYa|RmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4sGtHjgxXF3NszRweE5PJIeb%2B21BLKIRwvG3gULDt7T9Izm0n2ij1L0phN%2FlwIiG9JsbrkyaGrPVkKizMKiiHuPZ8C7%2FuExjRassS8M5WuIDAZzz9EnXGHqWOFNFOY6OTNozB2qMmutgTXdGV4D9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c706fb93689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame AF60 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-7.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 d9fcaa7ae40e5e547fbbd3d693139fae.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
85734
x-amz-server-side-encryption
AES256
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
4TLuGBdif-q_AJbhwkG67IxAbFbJ3ZK1LkGECaPnwTRF7XGpqB85Pw==
15581
rtb.gumgum.com/usync/ Frame D8F1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.48.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-48-56.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2dc6cc0603c763b90a6cf75c2459c3cfa25b12db26d951136f1095d75541e765

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 17 Aug 2023 11:24:04 GMT
etag
W/"09134de6ca4bbfcb54487289e2bf0cc7e"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 0643 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:04 GMT
setuid
u.4dex.io/ Frame B7E9 		0
46 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=ALb-MpcF055A7u0A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=538799672571642&correlator=4256434415119668&eid=31077190&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli107667&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=7&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dcb49db63397a2afa-225385bb53de002b%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ&gpic=UID%3D00000c6202444b46%3AT%3D1692271443%3ART%3D1692271443%3AS%3DALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg&abxe=1&dt=1692271444556&lmt=1692264244&adxs=980&adys=1054&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYr4P0maAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMiC9JmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4YP0maAxSABSAghq&dlt=1692271442397&idt=1501&prev_scp=vli_adslot%3D107667%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D107667%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dpubmatic%26hb_adid%3D811e2806aa54cc1%26pw_pb%3D0.48%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dsecurityaffairs.com%26real_cpm%3D0.38480000000000003&cust_params=hb_domain%3Dsecurityaffairs.com&adks=2774311524
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3021738458f239a69da9a30d187077a21d03bb2240aa2ebe8facc4330308326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12015
x-xss-protection
0
google-lineitem-id
5879165924
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377370648
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNByUqTMqZ-qPZM-PeZZ-MrAr-BtyMZUBaratTRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCh%2BGxx0ehg95KYq3%2BHw8T2qWj7y4EyzAxyoI6hjTk9FgYtmExkopOqk4%2F5%2Bqe3OGIE9S1NybnP0IUeyLyZDiuc6g75xo3FONZqAIBslUnFpx1TzeW%2Bit1ZROOEZqdNATajslrc66M1yO8d%2B7p0Z3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c707fdb3689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
getuid
ib.adnxs.com/ Frame BE7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame BE7F 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=3d83cb6a-d276-42c4-b841-092c93920f3f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=3d83cb6a-d276-42c4-b841-092c93920f3f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c715a7c1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=3d83cb6a-d276-42c4-b841-092c93920f3f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame BE7F 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame BE7F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame BE7F 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230022-FRA
server
nginx
x-timer
S1692271445.608512,VS0,VE8
x-fastly-to-nlb-rtt
7444
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame BE7F 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:6418:3db0:a56e:6f03 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame BE7F 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 11:24:04 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame BE7F 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b001:ea7e:ead4:fe95:47ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7a73c290-0aff-4260-6dee-d983676cfc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7a73c290-0aff-4260-6dee-d983676cfc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=62085116018922815660089771698506459570&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=62085116018922815660089771698506459570&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c724bdd1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
49ZHoLzKTAk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=62085116018922815660089771698506459570&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame BE7F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=7a73c290-0aff-4260-6dee-d983676cfc18&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-66551-0.669205001692271444-e3d279e47b287347148831ac4a454c76&zdid=533&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-66551-0.669205001692271444-e3d279e47b287347148831ac4a454c76&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c719b041a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-66551-0.669205001692271444-e3d279e47b287347148831ac4a454c76&zdid=533&env=mWeb
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7268250507939412111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7268250507939412111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c710a0c1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7268250507939412111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame BE7F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7a73c290-0aff-4260-6dee-d983676cfc18
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7a73c290-0aff-4260-6dee-d983676cfc18
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7a73c290-0aff-4260-6dee-d983676cfc18
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=7a73c290-0aff-4260-6dee-d983676cfc18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=yqYQXL0CA0b6r1x7GjP9Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=yqYQXL0CA0b6r1x7GjP9Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c710a0d1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=yqYQXL0CA0b6r1x7GjP9Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame BE7F 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=7a73c290-0aff-4260-6dee-d983676cfc18&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7a73c290-0aff-4260-6dee-d983676cfc18?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c71bb3d1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
cache-control
no-cache
x-server
10.45.29.59
content-length
0
expires
0
cms
ups.analytics.yahoo.com/ups/58697/ Frame BE7F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
content-type
text/html
cache-control
no-store
content-length
343
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBxQy0upfjRoAG9yTihRSmPu%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBxQy0upfjRoAG9yTihRSmPu%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c724be01a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=dxDSvG56TBxQy0upfjRoAG9yTihRSmPu%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame BE7F 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame BE7F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.162.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-162-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1692271444
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame BE7F 		95 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
date
Thu, 17 Aug 2023 11:24:11 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4DVAAJOvhoaAA_&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4DVAAJOvhoaAA_&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c71ab181a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-etou8220104-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1692271445.589210,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4DVAAJOvhoaAA_&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame BE7F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.154.162.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-162-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n001-dub-prod.krxd.net
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1692271445
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
date
Thu, 17 Aug 2023 11:24:05 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a017-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame BE7F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6de...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6de...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VPATSEYTW3KK7TVTHFEM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0FBHFC4HQ2S9YKQ68RZE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7a73c290-0aff-4260-6dee-d983676cfc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame BE7F 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame BE7F
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a7...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c737dbf1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
date
Thu, 17 Aug 2023 11:24:04 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame BE7F 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame BE7F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a73c290-0aff-4260-6dee-d983676cfc18%26reqId%3D2f33f521-1ee1-46c4-757c-14d1e40a86d3%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame BE7F 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c724bf71a7d-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame BE7F 		557 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1ee06e239e0c691b9089a6d9f8ba0ae38caf44ba41671d16c80821d55a7f99
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c70a96f1a7d-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 61B0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41231
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:15 GMT
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C02 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 61B0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 6C2F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1ZWD65S0XXXP2VHB8ZS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6C2F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4DVEwaCwBfIjOatYFQKQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNAbPsFdIKZ2q13I5zYvTqVZ1ut2viUEixM7UaJGT9FWfldXaeZhkYSu63hoM5d%2BihK3y1BqpI09Nm66tbejAiZvE4XEma4er1Nh6hvNYfBjuiYvWhzLWkxr5AcSJOPQ0GaoemOXQQ%2F%2BXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f818c71c8c72c2d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4DVAAJOvhoaAA_
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4DVAAJOvhoaAA_
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-etou8220104-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271445.660422,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4DVAAJOvhoaAA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7459351539056021238
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7459351539056021238
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
an-x-request-uuid
d2ae9c31-cc5d-4fef-b48d-fef75e21f5f2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481044
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481044
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481044
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum.casalemedia.com/ Frame 6C2F
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692357844
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692357844
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692357844
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
um
u-ams03.e-planning.net/ Frame 6C2F 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=f37e14df79e0be88&uid=ZN4DVEwaCwBfIjOatYFQKQAA%263265
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Df37e14df79e0be88%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:04 GMT
content-type
image/gif
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D596 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNyYaUyBYr-qUBY-Prrw-qAYM-eBwyZrTqrreeRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTAMBMPRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqquIIHWpPzM5nthL%2BIypG37shKUmzS62qqYyvSg%2Fx8XhIgsAkKZFbFrec01k5j39KNx4y%2BX4U0KSMr2aUEtIVlirHpYaWdSnTZp0PTre9JrULJs5R6doew1hjTe7KCgMBJX4bFAB0uAGdlGGwGy7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c7129143689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNAeBYUAMT-TyTe-PTtA-wPaq-UTaZtrPerUrPRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFaol8TK01rK2wxPmaHqdEbevs6dJ3xVMtPsOu85fXKrzzKUTnFjmJPwhKvxQr4Y%2FuIBDoih4%2BPH5w7E1RQjWrBn06YuV7paVeB0VmVWy5w2X1eVTCmp7atod2XwLn7XXFjKKnbt8i9paFlW2w1Y0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c7139243689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
an-x-request-uuid
90bead8a-5d0e-455a-ae3b-8f983d09151a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame D8F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=FKKOXRKl3wwPpIwPEKLHXBSmjg0Ppd1cRqEdN--P
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=FKKOXRKl3wwPpIwPEKLHXBSmjg0Ppd1cRqEdN--P
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=FKKOXRKl3wwPpIwPEKLHXBSmjg0Ppd1cRqEdN--P
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
syncPlatform
sync.outbrain.com/ Frame D8F1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&obuid=ENC(ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
no-cache
X-TraceId
c5cf0fa41dd77b398e6e0f7a7fe7b783
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Thu, 17 Aug 2023 11:24:05 GMT
X-TraceId
c1867982c407e4ee77d92593abffa0df
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame D8F1 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Date
Thu, 17 Aug 2023 11:24:04 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame D8F1 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
Date
Thu, 17 Aug 2023 11:24:05 GMT
Connection
keep-alive
X-CI-RTID
ed89fd38-14dc-4536-bfef-3ccc820d98c0
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
478619773
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame D8F1 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:04 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame D8F1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=C76w5hsDfHFS&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=C76w5hsDfHFS&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=C76w5hsDfHFS&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-kq89m
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame D8F1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-length
0
um
sync.e-planning.net/ Frame D8F1 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=f37e14df79e0be88&uid=e_39063449-6c63-4b6e-b9d0-511c97732e5b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:04 GMT
content-type
image/gif
css2
fonts.googleapis.com/ Frame 3C02 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 10:34:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:24:04 GMT
dr
as.ad4m.at/ad/ Frame 0E39 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d886af5ec20b49cb2f904d7e16b7b13666098cca9ca60275b9d38d59e55e0fa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f818c7188985c44-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 8666 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:30:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9545 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 8666 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
47344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:00 GMT
l
www.google.com/ads/measurement/ Frame 8666 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr-oDzzJex05tEc5wAeGCW7Azg5t421gr99el-ReF0KpUxB9_gfLSWg0N3QmrBmOyK5qOmPI2_pEV9xOJ9dWzBnebg5Q
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8666 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8666 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:04 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 3C02 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
47176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:17:48 GMT
usersync
usersync.gumgum.com/ Frame 0542
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220104-FRA
x-timer
S1692271445.720592,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5861 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTA2MzQ0OS02YzYzLTRiNmUtYjlkMC01MTFjOTc3MzJlNWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B35D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91874
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0FA3 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:04 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame FD43
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iymoAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iymoAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:24:05 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iymoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad63.dc4p.scaleout.jp
X-SO-IP
81.95.5.35
X-SO-Key
ZN4DVcCo5tAAAO1iymoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZN4DVcCo5tAAAO1iymoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad63"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad63
gumgum
cs.admanmedia.com/sync/ Frame 6376 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
nginx
Transfer-Encoding
chunked
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7B60 		211 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
35300af449794bc2039402103b1593ee932a1aa8e645922ae7811058e736517e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=I1p7H3bqLKGb_3jjReJpoDUXYRwyfUvpVaubx7lAO1MYebaSgHVEb8vbOIglDm_j6GF_R4IDxOhMmRhubNTLygG-6eQjFHqNOCuWlMDHgOkAriNOnP0InRz0mUexqaLPIDgbQNf_4f_UqLzikVQYNnV4KiynBKmCV2ouhEEEqk7GtGZ6GO9IE9GZMz4N7XyTKFJoKM7fsjhT5OgHzl_0zM3CNja26CIr9e486aG6kk5CInmmaJB3pxOmKnyEyNFS2B4K6A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
75441210
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame D596 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:30:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA3F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame D596 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
47344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:00 GMT
l
www.google.com/ads/measurement/ Frame D596 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLCSAEZJY6vo92rmNjZNc3tEzCkGP4gAMs3puQZz5AkPek1A9Zm6PBVuK0m-dT1JWnFv0tiS5ESkjLVzvMC9lp1YWOUw
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D596 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D596 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:04 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9B42 		43 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f818c71c8c12c2d-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVX4paHUYYI4QjDJL0xl%2Bc%2FFridE3xStHzfQ9gQ7lXHxvkKnzJ4lvnS%2BHkm2%2F4VP%2FRc8RppENLJWdQwIBnZJZyIPOfPhBg9BuqWYQJnIaeyrac2E7xSr24FZwQ7NCvJ%2Fs1G9lCwriNTgoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 5816
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT Thu, 17 Aug 2023 11:24:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame EA67
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:24:04 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
creative_add_on.js
cti.w55c.net/ct/ Frame ADA5 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTA2Ng&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ciu=XROhqscfgR&btid=QUZCODAzQ0M0Q0E5OUUzMzhCNEM4QjY5MkU1MEZBQ0N8R0Z4cmQ3QWY2NnwxNjkyMjcxNDQ0NTIwfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xNTQ2NTA2MzgwX0VYfDM0MzM1fHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=securityaffairs.com&cip=1&hmt=1&uidu=CAESELACTqLMXj7VVEwXKg5YKrM&spidu=GOOGLE&pidu=15066&hmpvu=86029610-d173-4d76-8274-5b105055ae1c&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:5e00:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
gzip
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
date
Sat, 12 Aug 2023 18:32:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
DUS51-P2
age
406305
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
KV-0KYbKlLet8yjfvyejenqN0DLRQiYmLkEabzp5d8NxLcLA0UphOA==
XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame ADA5 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=QUZCODAzQ0M0Q0E5OUUzMzhCNEM4QjY5MkU1MEZBQ0N8R0Z4cmQ3QWY2NnwxNjkyMjcxNDQ0NTIwfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xNTQ2NTA2MzgwX0VYfDM0MzM1fHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMTkjMC4zMDg1MzgwOHxJQUI2LTQjMC4zMDg1MzgwOHxJQUI2IzAuMzA4NTM4MDh8SUFCMjUtMiMwLjIxMzg4ODMzfElBQjI1IzAuMjEzODg4MzN8SUFCMyMwLjA4Njc0MTEyfElBQjE1IzAuMDY4Mzc1NjN8SUFCMTUtOCMwLjA1NTQ1MTc3N3xJQUIxNS0zIzAuMDU1NDUxNzc3fElBQjI1LTEjMC4wMzgzNTUzMw&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ts=1692271444527&c=DE&r=G-BY&epid=R0wxNTA2Ng&mi=d2Vi&wp_exchange=NWP
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date
Thu, 17 Aug 2023 03:47:19 GMT
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
27406
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
65085
x-amz-meta-height
250
content-length
65085
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"38988cf71c0e9e66d0bb0693f05250c3"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
b7bPIBQN7c2ilalhMai84M25PMqYlJU7URzZ3r5XeNE9Oob3nDfqyQ==
pixel.php
t.hspvst.com/ Frame ADA5 		95 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=3179034969373011
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Sun, 14 Aug 2033 11:24:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame ADA5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:30:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame ADA5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
47344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:00 GMT
l
www.google.com/ads/measurement/ Frame ADA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrkaGEmm84lTJ7lvjENfEi4qLZgw_dC8GgVkeVHmK1TWNWZa9IQdgjJadEmgdst3UMcQLVR_pUDU2L7LFNpZE37DGSDw
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ADA5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADA5 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:04 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 0E39 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
691855
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O4nx3qaw0rMGu2T%2Bj7prHMv%2Bl5MDF%2F2lMi84fEcmtBJAEOMXySNLAK0F6AO6hStpdNWLeG0KxYYiQTlYE95Hp7aPgC%2B%2FNphFeF9lSekCYHd22UFxWBkf7wrsmfX%2FtzDPpKWZussOoQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f818c72193e5c44-FRA
expires
Thu, 17 Aug 2023 12:24:04 GMT
r62eglto.js
ad4m.at/ Frame 0E39 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
154417
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLRAIc623g8PgRjTfk%2B2psfVyTLyoNurgjmvcFU30gY7kIw2YZ%2FNbLpI3%2B4qeLT3wOrNcajpIbE8IhpssITIOVSYRLkA44sIdJKUhrYuAaNBv9F0E3ojZ4tgkynpnAEc9e%2FzSlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f818c72195c5c44-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB4F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
services.vlitag.com/passback/ Frame AD70 		671 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/passback/?t=1692256733&d=24493&z=107673&divID=vi_24493107673_1&w=970&h=250&geo=CH&hn=securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e9b01c66b444e890378db9d97922a8a76cda78ab90265fe726836e8b7bf276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c722a5c371d-FRA
alt-svc
h3=":443"; ma=86400
pixel
cm.g.doubleclick.net/ Frame 9545
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJAcSOkKtNo_FQ864BGY5Ro&google_cver=1&google_push=AXcoOmSIyuMx4S0tw24Z4W2x-9FDNDoTUfqx7jKvner5bg2b2xVchLjCXfArl5L2zBeZGn99gmZj1Am9J3TOGKlh...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSIyuMx4S0tw24Z4W2x-9FDNDoTUfqx7jKvner5bg2b2xVchLjCXfArl5L2zBeZGn99gmZj1Am9J3TOGKlhOnEgsJfL6i0XtQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSIyuMx4S0tw24Z4W2x-9FDNDoTUfqx7jKvner5bg2b2xVchLjCXfArl5L2zBeZGn99gmZj1Am9J3TOGKlhOnEgsJfL6i0XtQ
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x13 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSIyuMx4S0tw24Z4W2x-9FDNDoTUfqx7jKvner5bg2b2xVchLjCXfArl5L2zBeZGn99gmZj1Am9J3TOGKlhOnEgsJfL6i0XtQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Aug 2023 11:24:03 GMT
pixel
cm.g.doubleclick.net/ Frame 9545
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQQkev1T4QfWQ-ZQnUQRUb7O_pw6Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQQkev1T4QfWQ-ZQnUQRUb7O_pw6Zjytr5-uT5sqqcKFLn78SvItUA3-KX8Jz5GHCTBPLpCP6dEpGZfaiEFZCbnkOy7O3P_ig
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220104-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271445.840654,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQQkev1T4QfWQ-ZQnUQRUb7O_pw6Zjytr5-uT5sqqcKFLn78SvItUA3-KX8Jz5GHCTBPLpCP6dEpGZfaiEFZCbnkOy7O3P_ig
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 9545
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFMOi6ZRly9ZN3hx20shZjI&google_cver=1&google_push=AXcoOmQuPeAm29VsTf2RLR6xZ29y-rOzoV4Fu64wEfY2bD9Yl0RmjiXnmqN26KJgl_WhBaNKz1L_WZ4mSpaVZioGNJOTYm0RW6K8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQuPeAm29VsTf2RLR6xZ29y-rOzoV4Fu64wEfY2bD9Yl0RmjiXnmqN26KJgl_WhBaNKz1L_WZ4mSpaVZio...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQuPeAm29VsTf2RLR6xZ29y-rOzoV4Fu64wEfY2bD9Yl0RmjiXnmqN26KJgl_WhBaNKz1L_WZ4mSpaVZioGNJOTYm0RW6K8
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQuPeAm29VsTf2RLR6xZ29y-rOzoV4Fu64wEfY2bD9Yl0RmjiXnmqN26KJgl_WhBaNKz1L_WZ4mSpaVZioGNJOTYm0RW6K8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Aug 2023 11:24:04 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9545 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmRDekf45hYvf4AJt-Osuj1WdT6X8rn8gcj3uFke7yVciCptJjT61HpkjoQZY0SWiIUYEXwzoalHD4IANWapd5amixHw1FGJbQ
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adx
pr-bh.ybp.yahoo.com/sync/ Frame 9545 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJCnMwhwXNZN1vZTq9s0h4s&google_cver=1&google_push=AXcoOmRBtnlXaEjuQ2cCJaJ4LM0YTWpYEIGoukylWSdcTJeiy236bhC2h_QCseeTjUzDz1Bavr-xoHZ5M5pXusUGvuiXK47vb_uh1A
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixel
cm.g.doubleclick.net/ Frame 9545
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_HjQVlo0e8f6wYtcm22Hg&google_cver=1&google_push=AXcoOmQVQ0ZOXZM1Eoy1Mep5DovTINqrXE9Fqh2aIQL7bVVjH7KsSHl13NPX4TXAWfltZVE5hFzo9WGJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmQVQ0ZOXZM1Eoy1Mep5DovTINqrXE9Fqh2aIQL7bVVjH7KsSHl13NPX4TXAWfltZVE5hFzo9W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmQVQ0ZOXZM1Eoy1Mep5DovTINqrXE9Fqh2aIQL7bVVjH7KsSHl13NPX4TXAWfltZVE5hFzo9WGJlusTEi52IB6MzjACPgdgAA
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmQVQ0ZOXZM1Eoy1Mep5DovTINqrXE9Fqh2aIQL7bVVjH7KsSHl13NPX4TXAWfltZVE5hFzo9WGJlusTEi52IB6MzjACPgdgAA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9545
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSA98...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-KuNIiWVUijCBLPOBHfHPjC6stbhfOXQDq5-NMg&google_push=AXcoOmSA98R38aUDFlxNGpc9Iedtxwn9uyv66BeuVJFQqqfRTbwfocjm93RqLE-ZkSSd1VPWX6szOfian-yu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-KuNIiWVUijCBLPOBHfHPjC6stbhfOXQDq5-NMg&google_push=AXcoOmSA98R38aUDFlxNGpc9Iedtxwn9uyv66BeuVJFQqqfRTbwfocjm93RqLE-ZkSSd1VPWX6szOfian-yut7Ms2KdTJoVOyYJKKA
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-KuNIiWVUijCBLPOBHfHPjC6stbhfOXQDq5-NMg&google_push=AXcoOmSA98R38aUDFlxNGpc9Iedtxwn9uyv66BeuVJFQqqfRTbwfocjm93RqLE-ZkSSd1VPWX6szOfian-yut7Ms2KdTJoVOyYJKKA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
754177
content-length
0
expires
Thu, 17 Aug 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9545 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ihk0Lq7z6Bu34kLQvKQePId1406PYYB81W1jwVaqkjK-6GvwTvxImdkI7lSchm8TUYWI1V
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame EA67 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41231
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:15 GMT
pixel
cm.g.doubleclick.net/ Frame DA3F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUWpb5IrFdpo56A_cdvk4A&google_cver=1&google_push=AXcoOmSWYRKZkWXm5h87EKBoAxY77UEzIBhvlLXkAmaj7m_jqvx_3AgU0p...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWYRKZkWXm5h87EKBoAxY77UEzIBhvlLXkAmaj7m_jqvx_3AgU0pdGnDVnbRQ3BknctbTDFzrvE4essLRdpokMnHME9xo&google_hm=E9karhdj3k1Yx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWYRKZkWXm5h87EKBoAxY77UEzIBhvlLXkAmaj7m_jqvx_3AgU0pdGnDVnbRQ3BknctbTDFzrvE4essLRdpokMnHME9xo&google_hm=E9karhdj3k1Yx4dMZWs2qw
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSWYRKZkWXm5h87EKBoAxY77UEzIBhvlLXkAmaj7m_jqvx_3AgU0pdGnDVnbRQ3BknctbTDFzrvE4essLRdpokMnHME9xo&google_hm=E9karhdj3k1Yx4dMZWs2qw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA3F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJAcSOkKtNo_FQ864BGY5Ro&google_cver=1&google_push=AXcoOmQjB5GxsSSNwGjv_A50RueVhR4COkhDOnimUx_JhZBTKh86s0RuqrDybLz01jXwUYgx7nCoGph7W7tHOIvl...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmQjB5GxsSSNwGjv_A50RueVhR4COkhDOnimUx_JhZBTKh86s0RuqrDybLz01jXwUYgx7nCoGph7W7tHOIvlepZR7pbPRgI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmQjB5GxsSSNwGjv_A50RueVhR4COkhDOnimUx_JhZBTKh86s0RuqrDybLz01jXwUYgx7nCoGph7W7tHOIvlepZR7pbPRgI
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 17 Aug 2023 11:24:04 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmQjB5GxsSSNwGjv_A50RueVhR4COkhDOnimUx_JhZBTKh86s0RuqrDybLz01jXwUYgx7nCoGph7W7tHOIvlepZR7pbPRgI
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Aug 2023 11:24:03 GMT
i.match
a.tribalfusion.com/ Frame DA3F 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEEu9gtAcpkOxbGU9cpBgNxM&google_cver=1&google_push=AXcoOmSoxp2GI7fDchzLaVCP-m7w6935WAm51vFv47IPA6bGEKMsHCfmUoMNHsQ04fchEe6oOQKREgUAwyatdsupuvlRJQ_0_HE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSoxp2GI7fDchzLaVCP-m7w6935WAm51vFv47IPA6bGEKMsHCfmUoMNHsQ04fchEe6oOQKREgUAwyatdsupuvlRJQ_0_HE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f818c729d8c3735-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA3F
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmRxZt862a-8YDUAyvrg6Cfy1MYpdvS0wcLK3jQQ8quP1NLNpz_uWM-GAulzMCrXyqsxT7mIYyuxPxtRas...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxZt862a-8YDUAyvrg6Cfy1MYpdvS0wcLK3jQQ8quP1NLNpz_uWM-GAulzMCrXyqsxT7mIYyuxPxtRasPoe-owHdWb67I&google_hm=hmTeA1SRozyQx_G4dw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxZt862a-8YDUAyvrg6Cfy1MYpdvS0wcLK3jQQ8quP1NLNpz_uWM-GAulzMCrXyqsxT7mIYyuxPxtRasPoe-owHdWb67I&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRxZt862a-8YDUAyvrg6Cfy1MYpdvS0wcLK3jQQ8quP1NLNpz_uWM-GAulzMCrXyqsxT7mIYyuxPxtRasPoe-owHdWb67I&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
date
Thu, 17 Aug 2023 11:24:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame DA3F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEHvaIFBp_gd0RgbrWku9WU&google_cver=1&google_push=AXcoOmQRHdEXRFRTNlDV3esujSlqo7dHTgpnz9fWngqEHlLi2GhYj66GwISnrmHQ08bKJUk6GpG5LEmZ8PF1rThmfsK7Taiw30U
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DA3F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOwLYX5aI3LKquDBNipKoOs&google_cver=1&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D&google_push=AXcoOmTX72IGYieaH44fD3akkfZBc5mXAIleq0cx4IverhQUtfw7_ukay2X7Wqima_HlnHB7ehjZ573xb9QLfFyS0ozr9XnqWA
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58281/ Frame DA3F 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDAqx6Lb9CPtDL84UgXhmq8&google_cver=1&google_push=AXcoOmQ6s7vx-fl0mKF0eRA9VmwnnE7w0KTduy_o1lc4BzWmbDyFesF6guKOhRpnWMDHPlT85P7Yx51412mpz7_03RZNVmK-9wZQ
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DA3F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtrUGL25w2OK6-PLkYj3yzg5JS7bziOECUWZhMpU8HHBjjiSmgnFhAbCkQVCjRdo7aJeTdnQ
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 683E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame EA67 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame D596 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7735586823a20c6cc7db8ac8d34a2b31c75d324240c014f719761935ca7a1880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ADA5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7fc1831e545e1630c2a6663a733fc8c16422cf3e4647afba3715703292227d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7B60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7B60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7B60 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 11 Aug 2024 11:24:05 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7B60 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 11 Aug 2024 11:24:05 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 7B60 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=308OAAbVe7T5J-bNBIsZaqQ0QG5N_4aTEBc6dmqmcgMIOuSteNs_6EsqnxFM1RZsoL-8eEdeVZlwrI6sD1b0Mq5wvRb3vO9W-VqCBCmyS8MfzIrvs1rmgCCbIQ8uNVtvwflVVNL0zasrKsC57EYJDDFEqtGhEhhJW37zLAr9KHyrTVLZFfvzY1faKssiLpI_wdlZuZbRWytPGDna2WfMGyOHREJsGXXjY6rOk2RhZV5qESiVfzWpJQgS5WHgVU5DWAJAaKUS082atEhWlrKZVl0ZUdqyMgsby73KN-KMvAPjM9GBNhJWRtHBLgjP0A2Cb-S5cSvdYH5WpPRJ6XD2SjAnVerC36nKnrPbPBYe8Mb98r4JAFS8iYKVeqTX9dSW0lfH034wuNqwEczbmCRaCS-2Xx5E920IDGsLpmVPpKD8xhPSChHznvGfCrL7jSmvYx7mSOQTHMaf5Ib3U0szwhIHLuhCqmE7epRXR2vYTMXdFoWTBeUivPrq4MVtM1gdwF2zBV72Eqjl-zsI8sXt4ztinyXwNhjt4KybF4C9xsJXPXu5
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2313323
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame ADA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtDhpVAPeZMnaGezN1fAPhqCesA26iLSPXJzX7u6pCMCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgTOAk_QGIxe8usOTu-XXPe2chIDGT0BRx2lPiAcBbPhlhj5JUHT1oSK3JBpzcWmMaoyjgMkGZEZ6C2lag2x6Bfa4QRWxOQydjqDk0R3dy854h_vLeq_wW8dLZ1w1tL0VB5FMH7dk7-oez_L6ExzNEQ7Nx4tAmwbSxS-O1VM2J3OFGeN6AOHnU_OxN3OTVuE5GzvKuGgOQ0D1K7wdzMampZ1iHzKc_tV6eZ0S1q1Fn39_5gvzm3NDy3JcbiwIs2Fkpyal5mkAmxc4sqDpSVZGrzDADtVLCZbrk2RramkMbCIlbEC5limpp0rckz-oVLvXO_Ii4IsVCf66Hyo7hkjLbT7oJxtUZqZgkkMlZcEoFxEV6IKNlB-g8ipzsUf5KuBif7_VPeXO9B8dlA4yyEX6F1SoSDa2iOsIrxhI2EzHEBSLyvi8y-3_LhMyUvkDtanqu_gBAGABqrQs-PQkfePuQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzk2MDA5NTcwOTkzMDEzNBjSrm0&sigh=qZxSSIwF4C8&uach_m=[UACH]&cid=CAQSPABpAlJWyhgaFKYyvFVEIPvYZvW2IYDT3ZtPBhbz-bvUIb1o8xAz69n2aljrV_MhIn5qTKPSZAFJMFI04xgB&cbvp=2&vis=1
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
a.gif
i.w55c.net/ Frame ADA5 		42 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=QUZCODAzQ0M0Q0E5OUUzMzhCNEM4QjY5MkU1MEZBQ0N8R0Z4cmQ3QWY2NnwxNjkyMjcxNDQ0NTIwfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC0xNTQ2NTA2MzgwX0VYfDM0MzM1fHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZN4DVAAGbUkIFWbsAAeQBmDIerdpquANHHSONw&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMTkjMC4zMDg1MzgwOHxJQUI2LTQjMC4zMDg1MzgwOHxJQUI2IzAuMzA4NTM4MDh8SUFCMjUtMiMwLjIxMzg4ODMzfElBQjI1IzAuMjEzODg4MzN8SUFCMyMwLjA4Njc0MTEyfElBQjE1IzAuMDY4Mzc1NjN8SUFCMTUtOCMwLjA1NTQ1MTc3N3xJQUIxNS0zIzAuMDU1NDUxNzc3fElBQjI1LTEjMC4wMzgzNTUzMw&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=securityaffairs.com&s=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ts=1692271444527&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-BY&rnd=3179034969373011&epid=R0wxNTA2Ng&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU13R2ZKcjZ5OQ&l=ZW58fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VMQUNUcUxNWGo3VlZFd1hLZzVZS3JN&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=s5COGNtosGzt_YSewoBT_A&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESELACTqLMXj7VVEwXKg5YKrM&spidu=GOOGLE&pidu=15066&hmpvu=86029610-d173-4d76-8274-5b105055ae1c&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.33.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-96.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:04 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame AB43
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:24:05 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 6102
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:24:05 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server
AkamaiGHost
cm
u.openx.net/w/1.0/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7B60 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
662711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgDX%2F%2FLyWaWORNdXklUkrqsmwDRAQh8VvV4oxaVIU7%2BRtdpAAwR0sbas9%2B202vzyZ4CqRiNYt1SeWBdw%2FrzCIAK%2Ba6AX57lP0VfmZ8A9knvPMqaTS%2Bq0nx5dQwVgAu0Z4Y6vC43LmB4c6jGTme0kS78X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f818c73bba2363d-FRA
expires
Tue, 06 Aug 2024 11:24:05 GMT
animejs.js
static.criteo.net/animejs/ Frame 7B60 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame EA67 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
3.jpg
assets.vlitag.com/ads/970x250/ Frame AD70 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/ads/970x250/3.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e84490029864ebfb264463dd1ea5121716356042348954c60e37902b91c6146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1145911
cf-polished
qual=85, origFmt=jpeg, origSize=53520
content-disposition
inline; filename="3.webp"
alt-svc
h3=":443"; ma=86400
content-length
20710
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Nov 2019 05:04:46 GMT
server
cloudflare
etag
"5dbbbcee-d110"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
7f818c73bc81371d-FRA
expires
Sun, 16 Jul 2023 05:15:28 GMT
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A10 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNUaMPZYTe-KYZe-PUYT-MeeP-wUtAettTPTAKRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRCopyX8wjosMLNO%2FODy%2FpHkyMQIpkZR8B7xUIJgabj1CIYrxfypI0BRa24%2B26dlGwqwHUwNP5mCM7DVwNrWGy3o5NCQwPrk96Z%2F0r0dIS%2BlyZs7O3wN8JC%2Bd1AmnsC92xL%2FzkKoBY89KQr0HwDpbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c73cd693689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=596&m=0&partner=97215&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F97215%2F230227%2Fa7aee2893a534249a6c8144c019c39f8_magnanni.logo-2x.jpg&v=3&w=196&s=p8kb3r6-PfgvtFq4TEPsxHri
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0a51b3c32576974ef48aa7c6bc2cd9b881ff3f229c90aa4d7fe9983c4842bbdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
1252
expires
Mon, 29 Jul 2024 05:03:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F23859_men_minos_cuero_side.jpg&v=3&w=800&s=atIZjVfWtAYVfj6-ZvDTuUbp&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1bfb002bd9ffeb6d79cce44383d23a4f4bef1ba8b328338486d6aadd5089d12a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
22216
expires
Tue, 30 Jul 2024 07:57:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F0%2F0%2F004462_1_dress-sock_red_sock_magnanni_front_1.jpg&v=3&w=800&s=X71uyZuWFJI6Cxs0OMsCpPIo&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
15457c8a7b18fd0a3ec329c78a7c9d5053b4b3f2ebf1a4ed998462dbd668bc6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
9376
expires
Wed, 31 Jul 2024 14:25:02 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24777_men_maceo_black_side.jpg&v=3&w=800&s=Ogzb582U-NP1jSiPXiGzUUlC&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec220e0c50cbe44662343fa05040645edeccb7fc4643da3bbec76c7110d17017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
14826
expires
Mon, 05 Aug 2024 21:51:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F0%2F20089_men_camarena_black-cognac_side.jpg&v=3&w=800&s=zl5dO37SrC2bUwPc1_47xphT&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a1f291c7cd6d5a518e48858f44b210da38d95fdd51c3d7bddc640246ff9d6585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
15982
expires
Wed, 31 Jul 2024 09:25:34 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F23340_men_leiva_safari-grey_side.jpg&v=3&w=800&s=04YWWmwc0M1RjpQiJ4KVV_Kc&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5602a2fd4439dca6f5660a8b4c60de61e7fb2faf087a1e5c3535cf80e6bda837
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
19254
expires
Mon, 29 Jul 2024 07:54:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24701_men_latham_midbrown_side_v2.jpg&v=3&w=800&s=8gZPADAIMLPdHHlaVUD1NSyd&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
90bf9270a48475f96375e66c516362c4e8965a5ca3875c614d00a72a8d264b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
16584
expires
Wed, 31 Jul 2024 08:01:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22961_men_severo_cognac_side.jpg&v=3&w=800&s=889a62B6wQuMP3r1WzhVC9ot&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
358540e12d98567a2ec53c2ba13ebc2328a6d90540918ca80e1d7505ced05464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
19474
expires
Thu, 01 Aug 2024 15:48:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22106_men_alexio_cognac_side.jpg&v=3&w=800&s=ZFTAI2tIoBOQFZUlnV0YKPRt&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3f96ad1b2fc8befcefc3a193034790288c16535c8e5ff66492f0285f95baf209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
19250
expires
Tue, 30 Jul 2024 09:09:48 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25122_men_lorcio_navy-suede_side.jpg&v=3&w=800&s=2nRuXuYjBe8D8D6DWQvZ7wo7&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3b78d7040fc83096eef95b7e1b718fc871043655105aabda284b8b0b13417acb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
20968
expires
Wed, 31 Jul 2024 00:01:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24441_men_costa-lo_cognac_side.jpg&v=3&w=800&s=RQZvWwqIMGZDShmaLuALLfF4&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
52e0b32d3349a2ac40d165101d466762caa775d197d4b0849fd4b50f453b0ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
14746
expires
Wed, 31 Jul 2024 08:34:36 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F23845_men_remo_navy_side.jpg&v=3&w=800&s=g3_h1BeJaZ3_1kkSw-5RlpbX&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef60ecae90e87144b6346fe1f031774dec3be996a48d8cf5e1b2c83b42508b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
12452
expires
Tue, 30 Jul 2024 19:54:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7B60 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25282_men_danillo_sky-blue-suede_side.jpg&v=3&w=800&s=uSMRC9R6rl58DZKo4DCj-dco&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a49383956b0c309324f9e51dff3d3f015ce1be14d068832ad5354eac76b728f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
18046
expires
Tue, 30 Jul 2024 20:35:53 GMT
all
csm.eu.criteo.net/ Frame 7B60 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=I1p7H3bqLKGb_3jjReJpoDUXYRwyfUvpVaubx7lAO1MYebaSgHVEb8vbOIglDm_j6GF_R4IDxOhMmRhubNTLygG-6eQjFHqNOCuWlMDHgOkAriNOnP0InRz0mUexqaLPIDgbQNf_4f_UqLzikVQYNnV4KiynBKmCV2ouhEEEqk7GtGZ6GO9IE9GZMz4N7XyTKFJoKM7fsjhT5OgHzl_0zM3CNja26CIr9e486aG6kk5CInmmaJB3pxOmKnyEyNFS2B4K6A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7B60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7B60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
frame.html
ad4m.at/ Frame 8BC3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2637643
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f818c73fbc818c9-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciRiGVOY%2BgpFmRL%2BneiYs2MbkCE9pTO%2BhhODkQYPlZs0CNg6jJ40%2FtDOEChbk%2B%2Fz%2Fqhfn8HZ2OlRivl0wONz6TB%2Fh1X0hN4%2FGHcPj7qrcjFDS5yyuDELwkGEZ8qj3%2BicAgNiT%2Fs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 6102 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41230
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:15 GMT
pixel
cm.g.doubleclick.net/ Frame 683E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQs0jMj2j7lvpuQe1tEGKghxeGVQx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQs0jMj2j7lvpuQe1tEGKghxeGVQxIxGON-438ADpk_VSIfZw2DRGlRF0G2YOJoAG9FLkBYqwD2es8NJO3Xj5iUAutKhB8
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220104-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271445.114176,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmQs0jMj2j7lvpuQe1tEGKghxeGVQxIxGON-438ADpk_VSIfZw2DRGlRF0G2YOJoAG9FLkBYqwD2es8NJO3Xj5iUAutKhB8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 683E
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmQi1MUkkwSFrGGIwUxbyMF19ok-rIEFVyPLYLEs9Jw0WA1MyvoEOdvyyKOSvZkSYMF2aaFpS8EvojoHPL...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQi1MUkkwSFrGGIwUxbyMF19ok-rIEFVyPLYLEs9Jw0WA1MyvoEOdvyyKOSvZkSYMF2aaFpS8EvojoHPLf00PYMli9MAA&google_hm=hmTeA1SRozyQx_G4dw&...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQi1MUkkwSFrGGIwUxbyMF19ok-rIEFVyPLYLEs9Jw0WA1MyvoEOdvyyKOSvZkSYMF2aaFpS8EvojoHPLf00PYMli9MAA&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQi1MUkkwSFrGGIwUxbyMF19ok-rIEFVyPLYLEs9Jw0WA1MyvoEOdvyyKOSvZkSYMF2aaFpS8EvojoHPLf00PYMli9MAA&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 683E 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEHvaIFBp_gd0RgbrWku9WU&google_cver=1&google_push=AXcoOmSJui-V13c2nwBXYusf1UODkRLOR7dFVCsoSNpLLP-7oq32efZxcXr7O_trs3Ta6CsTn0Ki77TGz_pYuSH-MsyslLLuZfU
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dds
rtb.openx.net/sync/ Frame 683E 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKN0bMpZzOUb33YzsdXV8jo&google_cver=1&google_push=AXcoOmSVblwDX8yKmB8qgj23SzqORZKby3JxMWVdj11xWIZjSo9Nj2yJaZYspgyk6l02p9N3mOIzoEeNt91KR1QuFYoVSGLOJA
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 683E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&google_nid=index&google_push=AXcoOmTV1h4fwarmj_DqFvHIsCpG-xHejqHqB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&google_nid=index&google_push=AXcoOmTV1h4fwarmj_DqFvHIsCpG-xHejqHqB9qplwXZiFnSUZtEn_d3B77AR_DlTWv5iS3fPXRPxi81wyAELY3uQIqUFNx_Dg
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBhAj0CvEv8jsMdBtmVKWEugIyrftBHLCV62sPgi5FcKZFJZn7Kw6BHR%2Bn%2FmmhCu5K8U%2BsW8ia2JQFAheeXcTLi4%2Ff8i8GY%2B6SjPz4AlexGNKu7I2l7ErT9ENONxEpkRiw4PrEe5%2FdosuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&google_nid=index&google_push=AXcoOmTV1h4fwarmj_DqFvHIsCpG-xHejqHqB9qplwXZiFnSUZtEn_d3B77AR_DlTWv5iS3fPXRPxi81wyAELY3uQIqUFNx_Dg
cache-control
no-cache
cf-ray
7f818c73fbc22c2d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 683E
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMLDWCteNeBAuhNMVNDCWiw&google_cver=1&google_push=AXcoOmRv21lKkmWiEKzSdGoHI94Ynsv7mdTB83WBs3kl80rH_mV7O713zeFZMe5AA5zMt7O8fQ5E5cP5BcjN8VPBiNw-jU...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_rnNXMHsQf6Wu6V9Xd7WbQ&google_push=AXcoOmRv21lKkmWiEKzSdGoHI94Ynsv7mdTB83WBs3kl80rH_mV7O713zeFZMe5AA5zMt7O8fQ5E5cP5BcjN8VP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_rnNXMHsQf6Wu6V9Xd7WbQ&google_push=AXcoOmRv21lKkmWiEKzSdGoHI94Ynsv7mdTB83WBs3kl80rH_mV7O713zeFZMe5AA5zMt7O8fQ5E5cP5BcjN8VPBiNw-jUax31A
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_rnNXMHsQf6Wu6V9Xd7WbQ&google_push=AXcoOmRv21lKkmWiEKzSdGoHI94Ynsv7mdTB83WBs3kl80rH_mV7O713zeFZMe5AA5zMt7O8fQ5E5cP5BcjN8VPBiNw-jUax31A
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 683E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR5xnGtDlGAUdmSwiSNY...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g&google_hm=Axn3jUylAkJgvf36c4Jpz90
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g&google_hm=Axn3jUylAkJgvf36c4Jpz90
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR5xnGtDlGAUdmSwiSNYlkobncZh4ls94qBfTgvyi7gaRgCoPb4fnt2zXpjJpqbgQQvtCyATKn54oqfwJ4y7Lz8xGuBy6g&google_hm=Axn3jUylAkJgvf36c4Jpz90
date
Thu, 17 Aug 2023 11:24:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX19f78d4ca5024260bdfdfa738269cfdd003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 683E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwEz7MmLdFmL0hgLwepGLCXWnLXEqTQT4SaK2-WBNIx5gcvaq8ZEWX9YJKbvss4Htoa8Lc
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame AB43 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41230
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:15 GMT
dr
as.ad4m.at/ad/ Frame 8136 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998f0baa7d1a0cc1b16c41081a32b856713de102e2447b1828c0f8266e149cc6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f818c742c1818c9-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 6A10 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:30:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15F8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8355
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 6A10 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
47345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:00 GMT
l
www.google.com/ads/measurement/ Frame 6A10 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeUpBgKUZAZ3cB9fBzpdHCRs086SbgwnKmqXdqEJYvIAQzGfBNYerb9YApmGKmg7B9QURZjkm77yvFrqSIoijJLW5RWQ
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6A10 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6A10 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:05 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6102 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 7B60 		2 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 7B60 		2 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
khaos.jpg
token.rubiconproject.com/ Frame AB43 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
container.html
0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
Fri, 16 Aug 2024 11:24:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/bw-v4/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNPYKAtAaY-ZtYy-PAer-MwBM-taZKAtyePUKwRqxeNco_YPPaBTAKUUK_TRwNhxwdqzoeRhNAGBMPMAAAAAAAAAAAABRlmNBAAbYZARdzNwqfftkRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIDdtuxIEg2JH8iB6vz80wxoexrVP3qePZBgJD5kAP5Pvv83TLGO9ko0pEpmdnWOuQtXIaXHT2XXGltSmEpUojjcXOwSY60o%2BBCrwnwpRz3MQV9ULEwoGrkuIQ2IxM30bc1fJSMOSlWz1r8Lwrgk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c747ec03689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 8136 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
691856
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT242RIDuoLL6T58%2FtaCfYvCgdS46oZkiJ73EEUaza5GRgcAurgP701VWPNA7zLGVP%2Bkk4hIKBkG6ZQrm0ncsECk1UpBua90%2BLGrriS9pFKry2017QlOeD1Vp1ZqdyA2%2BiGdn8LBHtU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f818c749cd718c9-FRA
expires
Thu, 17 Aug 2023 12:24:05 GMT
r62eglto.js
ad4m.at/ Frame 8136 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
154418
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8TsDjfMWjZBTLV298JvK2Ksvu0uTu1kavPG9gC2oXPwzmuiUnlyrfXptcmv1xo%2BsjrCNQ0zUEUsqBHH%2BsQtFYiJF8SnW%2F2noyii49dPOtmDZpIDg5P8UnYzHXfegtqN0kbam1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f818c749cd918c9-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 7B60 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-4254"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:05 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6102 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 15F8
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUWpb5IrFdpo56A_cdvk4A&google_cver=1&google_push=AXcoOmTNXnk65YbW2S6gLarf3xtGr5qKYXNoDMFXU3_9xvxFo32pMOmuIE...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTNXnk65YbW2S6gLarf3xtGr5qKYXNoDMFXU3_9xvxFo32pMOmuIELNbJtCNH9cD7ylwo7dWpdAo2f0No2JT_v1s0gxNWiW&google_hm=E9karhdj3k1Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTNXnk65YbW2S6gLarf3xtGr5qKYXNoDMFXU3_9xvxFo32pMOmuIELNbJtCNH9cD7ylwo7dWpdAo2f0No2JT_v1s0gxNWiW&google_hm=E9karhdj3k1Yx4dMZWs2qw
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTNXnk65YbW2S6gLarf3xtGr5qKYXNoDMFXU3_9xvxFo32pMOmuIELNbJtCNH9cD7ylwo7dWpdAo2f0No2JT_v1s0gxNWiW&google_hm=E9karhdj3k1Yx4dMZWs2qw
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 15F8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJAcSOkKtNo_FQ864BGY5Ro&google_cver=1&google_push=AXcoOmTACFQDirHxhubbAFMQRW3k4DDcZFYGNNkJ50h2EsfoADihbNt7Dd0jhXjIzPgJplVS5ioWs6kvqC1PXveG...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmTACFQDirHxhubbAFMQRW3k4DDcZFYGNNkJ50h2EsfoADihbNt7Dd0jhXjIzPgJplVS5ioWs6kvqC1PXveGS-1qlcPS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmTACFQDirHxhubbAFMQRW3k4DDcZFYGNNkJ50h2EsfoADihbNt7Dd0jhXjIzPgJplVS5ioWs6kvqC1PXveGS-1qlcPSeznZ7A
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x10 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=68dk3gNUQwCiWWf3VrXFqA&google_push=AXcoOmTACFQDirHxhubbAFMQRW3k4DDcZFYGNNkJ50h2EsfoADihbNt7Dd0jhXjIzPgJplVS5ioWs6kvqC1PXveGS-1qlcPSeznZ7A
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Aug 2023 11:24:04 GMT
pixel
cm.g.doubleclick.net/ Frame 15F8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmS1E3x6-xmfTFoEqX4h8SpRfNKsJN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmS1E3x6-xmfTFoEqX4h8SpRfNKsJNfvbn_KIWcxAqhwO5N7oUkweZkHidIt19I89WoFqenBsf8CJ1n8wfyxZFDR7jTC3BF3zA
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220104-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271445.248704,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk40RFZBQUpPdmhvYUFBXw==&google_gid=CAESECY2xyOeYGe-PZW3hBSpUNg&google_cver=1&google_push=AXcoOmS1E3x6-xmfTFoEqX4h8SpRfNKsJNfvbn_KIWcxAqhwO5N7oUkweZkHidIt19I89WoFqenBsf8CJ1n8wfyxZFDR7jTC3BF3zA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 15F8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFMOi6ZRly9ZN3hx20shZjI&google_cver=1&google_push=AXcoOmQu7soWskJr8obkxOEv0niW4h3eOjOLNLNGN3DsYizLcuxsid4jCOr6JH97_hywjSUNSoGJiUzUpQ0mcUqB7X13GZPuZnPjqQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQu7soWskJr8obkxOEv0niW4h3eOjOLNLNGN3DsYizLcuxsid4jCOr6JH97_hywjSUNSoGJiUzUpQ0mcUq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQu7soWskJr8obkxOEv0niW4h3eOjOLNLNGN3DsYizLcuxsid4jCOr6JH97_hywjSUNSoGJiUzUpQ0mcUqB7X13GZPuZnPjqQ
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CB22D64B9FCB4F978BEE2013A9CA74BD&google_push=AXcoOmQu7soWskJr8obkxOEv0niW4h3eOjOLNLNGN3DsYizLcuxsid4jCOr6JH97_hywjSUNSoGJiUzUpQ0mcUqB7X13GZPuZnPjqQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Aug 2023 11:24:05 GMT
pixel
cm.g.doubleclick.net/ Frame 15F8
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE_BEbZUDUDGeymwYZwC-AA&google_cver=1&google_push=AXcoOmRj4A1sC-ZjyblyAbI7r8dYAFtSOfllQm_4H0TLFLzpFXJiMBWPQf-gLRAce3d-RkCpfztYuIjAV-Z5ov...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRj4A1sC-ZjyblyAbI7r8dYAFtSOfllQm_4H0TLFLzpFXJiMBWPQf-gLRAce3d-RkCpfztYuIjAV-Z5ov45HjpKxxXQkumZSg&google_hm=hmTeA1SRozyQx_G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRj4A1sC-ZjyblyAbI7r8dYAFtSOfllQm_4H0TLFLzpFXJiMBWPQf-gLRAce3d-RkCpfztYuIjAV-Z5ov45HjpKxxXQkumZSg&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRj4A1sC-ZjyblyAbI7r8dYAFtSOfllQm_4H0TLFLzpFXJiMBWPQf-gLRAce3d-RkCpfztYuIjAV-Z5ov45HjpKxxXQkumZSg&google_hm=hmTeA1SRozyQx_G4dw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64DE035491A33C90C7F1B877BLIS
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 15F8 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEHvaIFBp_gd0RgbrWku9WU&google_cver=1&google_push=AXcoOmS_dTP_yf1RTOZEHIRIEcrr5CBVqaxxafAh9WSU8kAxbPgwLU9vLe6W2L4ijhoZ1GxWm1H2hhKbG6fqMBRi3OvnD2EoRs3u4g
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 15F8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_HjQVlo0e8f6wYtcm22Hg&google_cver=1&google_push=AXcoOmTIULQH4nFJl9R1TJQYF0DkAbCLc66Ey-DLq-wct9NZuq1qpL2jigebZXPF9pNWYds-UkItD24b...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmTIULQH4nFJl9R1TJQYF0DkAbCLc66Ey-DLq-wct9NZuq1qpL2jigebZXPF9pNWYds-UkItD2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmTIULQH4nFJl9R1TJQYF0DkAbCLc66Ey-DLq-wct9NZuq1qpL2jigebZXPF9pNWYds-UkItD24bxTy9x26qRUNUmwOyHuTRpg
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNzY5NzkzMDY2ODI1MzYxOA&google_push=AXcoOmTIULQH4nFJl9R1TJQYF0DkAbCLc66Ey-DLq-wct9NZuq1qpL2jigebZXPF9pNWYds-UkItD24bxTy9x26qRUNUmwOyHuTRpg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 15F8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWePjjAciDylcJ2IgJsIi0yB2dFtb-um3ZTXZNy8BTUpVK5gN3v3qbwXV5ISLCQH8SaTNl
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D5E3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame D5E3 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13119
x-jsd-version
1.15.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4549-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9wSp1dYXLqQxw1ejIse0mgMUiIW0ODew2b%2FJ2gF2yHhLTiF3nt4zqJLD%2BmJjtrIn5UniAGlnT5s2pX0b7R7snTeSgue1SMDOZ1NlHTRBTaiu5GhnqkMEbzKf5JoaQl%2BMHEryoN2pFSks%2Btvrig%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f818c74dcf96973-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5E3 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:24:05 GMT
truncated
/ Frame 6A10 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0c07542f764ac7a8023298a111647a7217c67ff7ac391a73a52ed5c4c3db4ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame D596 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cp2fBVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTFAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYTQzfsiZ-DPYSgXBvDyWPgN0lZ3ZYAxlQC4QLJodVi9D9hZJMPivgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zOTYwMDk1NzA5OTMwMTM0GNKubQ&sigh=SVwosPiXrGo&uach_m=[UACH]&cid=CAQSPABpAlJWpWZ7h5SDykM63JPXApBP33A8QL2FEEz_8-_Df8-BFP1JjkD7nza-hGkcoxQ-dHeRwSRYhzOYZxgB&cbvp=2&vis=1
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D596 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kriJFrr5RIAFrAKdg2ICAgAAAAms-DdKzdJ92Xec4RBUA95kzPBPxbvXiZtChQAAEgAACgpBUVVCQVFFQkFR&wp=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&cbvp=2
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
163266
server
Kestrel
content-length
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8136 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4kh1TzBcK0ziVS2d6fwnIgtTrl2YcmLOsq3lOjdgIWddYLkz2sWFVV25o4HI3QhB%2F9PSREa3zMu2uIA3N%2BUxrALTs7%2BIuq7Z7wCDwDRs5Xm0HwBMT7ZiMmspI9ELLqymvcJx8%2B8ciI2oAzevGJUPcsS"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f818c757ad9361b-FRA
expires
Thu, 17 Aug 2023 11:47:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D5E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc50N-J8ADSwQUJY5GwIQrX5C-lRDVFzxc4RPSiYDwADtO0g3vNBINc3MI2GBjZGp7BFgKIPEQupNTj_zuywN8G236kMEOyUtpmdvAjyjj3qk1h4t4Q7ZrM2joyhcDoAW5k1gVD68Xn9SpPuAEFCbOXCGlQahrfyXAqWj6FdyzPiPzzggko5QjiPmNtsW0mo25Bz-qgRVpFzzqmJ57TGrOouAyTSnRo9CXKtuKF1Y1nuhfAD3kyyzpB4BkS5k0-hqqVLT82N6r39UjgmWxEHFEYyznfMGo_IvBHSq3PGbQXafkTUr4c0Ov1wQz-3Y_2iHZ7WnWG-OgfW3915IfSI1UwnF7GgzT-XdeYJdOJii1Mg&sai=AMfl-YQWXsvABuGeYTk58arPASfR6y_Ecpv0hHs9ovPuUoUUGEjecRSbbE4dzRRCxjYy44XBwbq8-RuhTcMtAhEn-UCNwYK0JjV5FLP80K3HnwDGnjTlZCcb8dgq04f8y1c&sig=Cg0ArKJSzJT_A7ohFs_3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
frame.html
ad4m.at/ Frame A5A9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2637643
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f818c757e0718c9-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Db11FMu4pXH1oDG6%2FAoUNDqmerY5QcXUJMw5m6D7AwH09F%2BCkluOXQ2AWhgM0DrYgHewIM9hAoZiU6kHLeZMgiYwC%2B9z69tsXKEGHZB8mPpdXIrY4xUjeicx5IfIk7Eip3pq4DU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame D5E3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0dde4b2146a370deb629e667ba13721d8bb050d3ad18eb2bc1ffdb3c0271d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D5E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvb1YXkcBAQurdpbnXYgp1M2Ftku1ShkLjbjiw3WwJwD95AxKOKIzOOcaisX3qkYqF_7EhWw1SU5Z3SmEHjWDw88J1yXwR_MOO63muuMyb6QKlhDoEukJfIKIj5GUUz9bs-IQvSVtBbXN2BOfGGBVlACE-j8HnEkxP50nGKZb0eaCO-PpaVQG3IDcEJh1dQXx0aOqAP7fe03wYNEFZQeNhi6jyht4zYSHvsLAcZ8sqJCPmLchhDfjUTy4VY7QWSB6Gif217OPE5bLJcI_fpUVpUsQ9PHtnn_EA88X_G1CWXvUU3Y7PH0ml0u0OpK6flRGY8oyBqKctQvK4YCZz86gqqJ0eTdU46lkU_QONZt3DAKsc&sai=AMfl-YT0-Q14tcB_8sfk7qEChyWwBf5bpEd5Ql0tE2EvCYYqg1KskjklNEFmuPXBPf9VLjAuCvwT3D2Ocv5S3V6LBqsYniF_ybqix20Zm_SBWAgBP_kywPHFDBoN5O31qpQ&sig=Cg0ArKJSzGPK8f3oqce8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 11:24:05 GMT
/
dsp.adfarm1.adition.com/cookie/ Frame 2B43 		0
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.adfarm1.adition.com/cookie/?userid=7268250507939412111&ssp=9&gdpr=0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.118 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.adfarm1.adition.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame 2B43 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395096&cid=5357381&bid=18322084&auction=440B0255-3D0A-4E64-8511-79B8D1136F76&ts=1692271444343&bidid=7268250507934876561&p[country:de,isFirstPrice:1,postalCode:90402,trafficType:2,long:11.1,bidId:7268250507934876561,advertiserId:635558,ssp:9,referrer:aHR0cHM6Ly9zZWN1cml0eWFmZmFpcnMuY29tLzE0ODk4MS9oYWNraW5nL2NpdHJpeC1zaGFyZWZpbGUtY3ZlLTIwMjMtMjQ0ODktZmxhd3MtYXR0YWNrcy5odG1s,adSlotId:3599896,supplyId:157940,domain:securityaffairs.com,winningPrice:0.370000,networkId:3202,auctionType:1,lat:49.450001]&userid=7268250507939412111&adhost=ad-dsp55&gdpr=0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
fec4890d19efd8e5bfa0a46e7a1898ee9a78db6d4b5237a8f52bc8822fc73c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 13:24:05 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cc.jpeg
px.vliplatform.com/imp-v4/ Frame 2B43 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNUeaKPtZy-MPyq-PUMa-wAYa-PwTyrYAqTUZyRqxeNco_YPPaBTAKUUK_TRwNhxwdqzoeRhNAGBMPMAAAAAAAAAAAABRlmNBAAbYZARdzNwqfftkRrdzNRwkhNRmNTAKUUKRleNpl
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hy7DwLGq4H2u0xhgza3ftU3JJ%2BvtDPkfmhcyt5380aNegpctrWwfTxDyDsCrmUq4Ftcwp2SwbWEmH6kHVuMRxpSxMEM0GN3xTteYw%2Fqfhsk9ziAGvHROAUJE1iZRHoXf6iZRNjKGEYcDVjaHXqXnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c75a88f3689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
/
dsp.active-agent.com/reporting/ Frame 2B43 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=440B0255-3D0A-4E64-8511-79B8D1136F76&bid=7268250507934876561&bannerId=18322084&campaignId=5357381&contentUnitId=4395096&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.370000&contacts=1.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Aug 2023 11:24:05 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rs
ad4m.at/ Frame 0E39 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d5e5c925b1796dac80ffd44df71db4a59753224cbfd3a254008ff381d3022c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=081J2pciLOkiYWW1ay1WF99F0VMri3rjBHGF2VZe04XFVxJKMIsIoYryJqVtNO2LaEv01C70fA20TGfMTZKga%2BuLT4hS7zpIApy2jPlGk8cU4suKzNlz3xaeMgrjtOp%2FaAUeCz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f818c75e9441e4b-FRA
x-backend-server
aa-reachservice-group-europe-west1-sxhc
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f818c75b8fa1e4b-FRA
content-length
24
content-type
text/plain
date
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7xaPLzHTmVmbTunaIDlAbcZF7d1WA35yJVEAIUxlJ5GGvNgNXHWK7sJJdiuWyLClQ2qUBr9MOq9rT0Arw%2Bv3ApQAjTM%2F6HlOyg9AigO0fPjHWcMsgwcmZ1iD4XQgB0WwRM%2BTSI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-sxhc
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 9B10 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bb3131ef675d16c29212b875800c84269adaab5e3b174f528b6947dc8ad8791e

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Thu, 17 Aug 2023 11:24:05 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=7459351539056021238
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=7459351539056021238
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
an-x-request-uuid
ed24a6d5-fd4d-4bca-9d3c-8df85083d468
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u.4dex.io/setuid?bidder=appnexus&uid=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6A10 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1hmoVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoEwwJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaChAwUtBZWKbTlTsCK-SA8sf3ra_VskytLgKNx0kYUmuuCdfUaSbuAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04Mjc4NDE2OTM5Mzc3ODk2GNKubQ&sigh=aHNVVrv_1AU&uach_m=[UACH]&cid=CAQSPABpAlJWc_AMdZx-4Uz46dqGQpde1xA8XZry3RJNEXbMsadl6Fw_92JCIgrSGlScLiLMPzLbR6n-mZm2-RgB&cbvp=2&vis=1
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 6A10 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k3ed6za3ex76ekykb9sbfvv5wsr5txqeqeqek4tatq50tvw0xshkfpjqpvn0rmvv7fpkb94dngkm4y8ewvszcec4jh5fzxhfj2bwh4e1ggf7g20fjhda9py4n8zm0cqeg4dncet2gvn7cc19vdw74sjhzr5vsty0k0yp4f4n4wr76ebpkg5yzejb6h1swb524a08x5cfrd3kyz6fs5y581dg3rhptae0d9ak8nqvnbk3mx11h0j048d00whxw582wbn69qrmbzy127v5qqkr4mxqysx2gq4p7cvdb9zv151b3nv10grh1wcjj83a6zsbn5ctb7vy7mbak6n987gth37arnkezjxtprj83hvma2rp8ndjcszy577adz3anhpeprk2p4dy4nbm2pb&b=ZN4DVAAHJl8IFWDMAA1O5VgIlOPktsZU2hZHOg&cbvp=2
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f818c75c91b1e4b-FRA
content-length
24
content-type
text/plain
date
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uAOPQ0SirJXlrzdQKZl1Rw5ozszyj8tt2BI6wy9ZoUQyxBit7nSyYj3q4KYKpxxNeweqNu3sgX9Pug7XUPYwnpCD1UYWtimZc5PB53FLy%2FC0mFGN1kc9cZqZdvcaXrUZEevnMc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-sxhc
rs
ad4m.at/ Frame 8136 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcdea3b84f02b2c125b635c8c111865599a7115e02706053f42ed879d6609f0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Unuqz5l88Wg7aYKyaP%2Bzag2pROEoK3GgLapKtAb%2Fz%2BqUuDCFnGA6hWiSeyhQqNftd13AAbVP2mBPrFRCD9Bpk1Sx622JycJpwUwbSmiDl68dPWqxw5Nv7GMvauwiVMWzyLzGcm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f818c7619871e4b-FRA
x-backend-server
aa-reachservice-group-europe-west1-sxhc
alt-svc
h3=":443"; ma=86400
pixelSync
pixel.sitescout.com/dmp/ Frame 9B10 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db31899ded8ce2225
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame 9B10 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Db31899ded8ce2225%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
prebid
rtb.openx.net/sync/ Frame 9B10 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Db31899ded8ce2225%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 9B10 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 15 Aug 2028 11:24:04 GMT
um
u-ams03.e-planning.net/ Frame 9B10
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db31899ded8ce2225%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b31899ded8ce2225&uid=7459351539056021238
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b31899ded8ce2225&uid=7459351539056021238
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
an-x-request-uuid
fbf74743-825e-4efb-bd9c-6f2b2ddffab8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b31899ded8ce2225&uid=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 9B10
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Db31899ded8ce2225%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=b31899ded8ce2225&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=b31899ded8ce2225&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=b31899ded8ce2225&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame 9B10 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Db31899ded8ce2225%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-123
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame 9B10
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=csuid_f51f4502-7d6c-4c4c-82de-6e2f73249c65&dc=b337141cfdc8cf59&fi=b31899ded8ce2225
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=csuid_f51f4502-7d6c-4c4c-82de-6e2f73249c65&dc=b337141cfdc8cf59&fi=b31899ded8ce2225
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=csuid_f51f4502-7d6c-4c4c-82de-6e2f73249c65&dc=b337141cfdc8cf59&fi=b31899ded8ce2225
date
Thu, 17 Aug 2023 11:24:05 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame 6984
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:24:05 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58FA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db31899ded8ce2225%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91873
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 1861 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
722c03b47c6713a77185c402bd2a4b52ceace439ce2821dfdb72e8720b3ba78a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1653
Content-Type
text/html
Date
Thu, 17 Aug 2023 11:24:05 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D13F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Thu, 17 Aug 2023 11:24:05 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
7036e2a53c1f9f0bd70365a014b1d012
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 7DF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 9B8C 		760 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff3da9a9c791b08a5ad0806e78b3e009e025955c47f4f2cf6f00f4d233885f5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7f818c75e9fe1a7d-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 11:24:05 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 9B10 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-7.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 d9fcaa7ae40e5e547fbbd3d693139fae.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
85735
x-amz-server-side-encryption
AES256
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
hfq1RKslTms0OAnzN398IzE36Oeso6NnMFSsdVCWgr7-gsI-dO78tg==
15581
rtb.gumgum.com/usync/ Frame D5CC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.48.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-48-56.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8440b44df37920c5154e5bede3975fdb0edde35b4c6f8029b81a7e56166c0495

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 17 Aug 2023 11:24:05 GMT
etag
W/"01f6cd817f3e5987624a40b34c1ed8e3f"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame FF9B 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:05 GMT
setuid
u.4dex.io/ Frame 90B5 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=ALb-MpcF055A7u0A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
dbtlib.js
imagesrv.adition.com/js/dbt/ Frame 2B43 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/dbt/dbtlib.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
47d8dabc70c62f44afef6ddc54356b49f16ed6b4f01b306f519f63c7a1283f79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
last-modified
Tue, 07 Aug 2018 06:19:39 GMT
etag
"3896939110-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8729
showad.js
ads.pubmatic.com/AdServer/js/ Frame FBE8 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27046
content-encoding
gzip
content-length
14445
content-type
text/html
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Thu, 17 Aug 2023 18:54:51 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame D941 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157940&siteId=824873&adId=3599896&imprId=89459DE5-1D61-45DD-A88D-EC887D4DD0C2&cksum=A2F7092B850552F8&adType=10&adServerId=243&kefact=0.519714&kaxefact=0.519714&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1692271444&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.402524&dcId=3&tldId=0&passback=0&svr=BIDAMS0192&adsver=_115843193&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=VAPeZGEtBwBewrcAm7OkyHOu7uMIIhYG9dmL72Rclzxn4Gc_&ekaxefact=VAPeZG8tBwC_22vk9lhjGTf1SPuvktYeK0OegEBA2NZ4DL3w&ekpbmtpfact=VAPeZHstBwAQFYtpsHmRl5gKCmAugZsbjF8jr1R6jnctDK2g&enpp=VAPeZIYtBwASrmsqo3ewevx3_kgIpkY7OtxQd-q1ApXNq9Ex&pfi=1&domId=8222502327166973060&dc=AMS&pubBuyId=20680&crID=18322084&lpu=mobile.1und1.de&ucrid=14797319907573267814&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3202&wDspId=1101&wbId=3&wrId=2610456&wAdvID=113000&wDspCampId=5357381&isRTB=1&rtbId=440B0255-3D0A-4E64-8511-79B8D1136F76&ver=11&dateHr=2023081711&oid=89459DE5-1D61-45DD-A88D-EC887D4DD0C2&cntryId=58&domain=securityaffairs.com&sec=1&pAuSt=2&wops=0&sURL=securityaffairs.com&BrID=5
Requested by
Host: 0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:04 GMT
expires
0
pragma
no-cache
crum
dsum-sec.casalemedia.com/ Frame 1861
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4DVEwaCwBfIjOatYFQKQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXSDQRyVbojB4Cu0n9FDsI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1861 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EVMYCJXH5ZC53YA4ZFG1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1861
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeEYzsygw1hlA2U799sHgOXXKMmjFLaGYUqjBDmGxdRVDbDBOifB5LUgvHMmQV9FLa%2FbcIoNqRimlNUjNiLiMzMMX%2Bc7TeAMMmdm5au0UNXPcsLMpJIbq0hXnTIv1oTmvtYp%2BICAgTWIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f818c76596004a3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBMJPcEHdRpCZYQio14SYJ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1861 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1861
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708169045&external_user_id=5ff12970-bf75-43a4-b869-26c3bdd16b9f
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708169045&external_user_id=5ff12970-bf75-43a4-b869-26c3bdd16b9f
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708169045&external_user_id=5ff12970-bf75-43a4-b869-26c3bdd16b9f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 1861
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420622270184
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420622270184
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420622270184
Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 1861
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481045
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481045
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2407697930668253618&expiration=1693481045
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 1861
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4138269106523966498
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4138269106523966498
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4138269106523966498
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-ams03.e-planning.net/ Frame 1861 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=b31899ded8ce2225&uid=ZN4DVEwaCwBfIjOatYFQKQAA%263265
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 6984 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41230
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:15 GMT
rar
as.ad4m.at/ad/ Frame DFD5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6472abb172d5422952dae0b91c3adccc62de9e61b048662c060a320f7ba285
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f818c764f1118c9-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
an-x-request-uuid
9cc341e8-bd99-48be-b843-4003dd878634
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dgumgum2%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=gumgum2&user_id=k-56R0vGVUijCBLPOBHfHPjC6stbg3ccIQ_IkYnA&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=1ab11767-d619-4fc8-bdc0-9c39973188cb&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 17 Aug 2023 11:24:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame D5CC
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&obuid=ENC(ZxK_iBduv2W3Ab9Xwj8fJWPAeOraH0BzpCY6sx8QjZHJhtFiA8VAhRDrDBRkkD0f)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
no-cache
X-TraceId
0edd6954a072ab06ec3b3242ef571eab
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Thu, 17 Aug 2023 11:24:05 GMT
X-TraceId
fa5891355dc5206ecdbec5b2bc1e9d9f
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame D5CC 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Date
Thu, 17 Aug 2023 11:24:05 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame D5CC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=74028443-b1bd-4f33-8a88-39ffc4005428
Date
Thu, 17 Aug 2023 11:24:05 GMT
Connection
keep-alive
X-CI-RTID
2aa1e8a9-d117-4e6f-9841-12e6f71a7f5e
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
477452457
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame D5CC 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame D5CC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=74xGRpaD9bOf&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=74xGRpaD9bOf&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=74xGRpaD9bOf&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-kq89m
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame D5CC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-length
0
um
sync.e-planning.net/ Frame D5CC 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=b31899ded8ce2225&uid=e_39063449-6c63-4b6e-b9d0-511c97732e5b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:24:05 GMT
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 9B8C
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7a7...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c769b0e1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361
date
Thu, 17 Aug 2023 11:24:05 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 9B8C 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c765a9b1a7d-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 9B8C 		557 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84e0083068d9e569536a3d3f2457455d4525c8e993c7a151e7e7c218f44959b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f818c768af01a7d-FRA
access-control-allow-headers
*
rar
as.ad4m.at/ad/ Frame 46F7 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d27ee9b7bfd761b73e71c90baffa31a5060d2232f969678ce988cef9ceb0db
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f818c766f5818c9-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
khaos.jpg
token.rubiconproject.com/ Frame 6984 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 8646
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZN4DVAAJOvhoaAA_&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220104-FRA
x-timer
S1692271446.518148,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 9C2B 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTA2MzQ0OS02YzYzLTRiNmUtYjlkMC01MTFjOTc3MzJlNWI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C36D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91873
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 4250 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:05 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 7CC1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iyoYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iyoYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:24:05 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZN4DVcCo5tAAAO1iyoYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40141.dc2p.scaleout.jp
X-SO-IP
81.95.5.35
X-SO-Key
ZN4DVcCo5tAAAO1iyoYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZN4DVcCo5tAAAO1iyoYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40141"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40141
gumgum
cs.admanmedia.com/sync/ Frame 831E 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 17 Aug 2023 11:24:08 GMT
Server
nginx
Transfer-Encoding
chunked
usermatchredir
ssum-sec.casalemedia.com/ Frame C5F8 		43 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f818c7689b804a3-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:05 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjSbERbseU2xKLlcH5ENK1mfqM45vJ7hWiSQPpCzr%2BuI%2FhwS0J3KrGA9ff0j0UDRQGUTgbQHJUAtdqr7kuZ1kqfB6lcLv6NAUfEXBWRpuJi7h319nGUKdBNfZ3euvBuxPiUmOOQP785vwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 9525
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT Thu, 17 Aug 2023 11:24:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=mZ3nyFB0GpZRlmsuO8Rx&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6D55
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:24:05 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:24:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame DFD5 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
691856
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ%2BzyEOKETZVnHpfCrtEZq9LpPBQGAFe6UxLY4wYr2Vm%2FyLKdZHhLO5HrdkEmImJ1PqLNUt%2FizMsfcTtGJ24s48seXw70kkB56F6aJ6nw%2FE0Jtloodezx2wVF7y23yNx30SVjoWe3YE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f818c769fb218c9-FRA
expires
Thu, 17 Aug 2023 12:24:05 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame DFD5 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
321526
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoC9NTbxcbuqa9123AW00p5I9f0qpPlyZjYEMpU4B26VAzen30D5S2LmHrde8yQjo8hz6kxudzfWG6B%2BuKOnTw0UGMdz%2B%2FIxymHp4Jd0diz5ifL5q4G8thD6QaMfLrQ329djEUNQhveD9G7u"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76af695c44-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame DFD5 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69202
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkq%2FSsC0f3f2D4xxuZT6WpDGRyqNYESPmEzoJyBwMcSArjMk%2B%2ButCeXxW5r%2Bc7J0sM918n2aeg8%2FOJyPHT2lvlahAoXUgyUsNcpyZGGJLmr1wUpdmtrmuHtZM2cWBdhHg8yFGMKGYRnjWhO%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76af715c44-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame DFD5 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2498482
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy7ka5x5fs90ilnd2K64ffOu4qYkUXRpud9oPYLPI9j3%2Fk8nCtGY8iZ2I%2BucpgDZymBlN2KtxXNEyg0Q9x7werRxT9qPT05qG3Beu338fgBVMq4qqrq1loQh8sKKKKT9%2F%2FZdB0%2BJkgSLqM5W"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76af6b5c44-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame DFD5 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311485
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6LEs3C4yGTd5gKtec2DjQpgwRqm85s%2BAOR%2BTtJEnjLfLpqHhJTJmBlwOhqKBsaw%2FqwY4bMB0UnGqaT0vW680Z7FAF%2BVXDIVkExbqJZ%2BQqgZW8YbipLoD0VYGmc4yc1PpXOMIN1PavpbC68q"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76af735c44-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
/
partner.o2online.de/a/ Frame DFD5
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKzDgrPK44ADFZ-R_QcdAywGRg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&partnerid=12218
date
Thu, 17 Aug 2023 11:24:05 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame DFD5 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1965103
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbRNWu7ywXoVYcppTHpg6d8HA27qgegR99kdGr9b%2FOP43vRR9iHgTILp2RiEuu%2Bp4%2BIXR1uKwgPNkKBOVP6ucGMBmmhLixiStzdz28sQiDwcYL75ZLwzPAR7kSnIU45rLM5PH34ZBrWjDtwo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76af665c44-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame DFD5 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311602
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0D1xz2eqpDEwGno9uP%2FgBIECAB1KfNIsWMHrOKOGztP1ik82vCswcqT3Yk2J2q2phjahtIc%2Fp%2F3cKu%2Bex13oJSieO1yufB3XoP8Daq7LYy8GZyX2gBwDr%2FOYDczbqTkhivPmvq%2BcGA13Byni"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76af6e5c44-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
cshow.php
www.awin1.com/ Frame DFD5 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.80.244.96 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-244-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6984 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
recommend
dbt.adition.com/resources/banner/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/banner/recommend?DA_CLIENT_ID=bd92ffc2-ac69-4abd-97d6-73377d8db6d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Allow
OPTIONS,POST
Content-Length
0
Date
Fri, 17 Mar 2023 09:41:03 GMT
Server
ISAS
Vary
Accept-Encoding
X-Pect
The Spanish Inquisition
via
1.1 dbt-directory02
recommend
dbt.adition.com/resources/banner/ Frame 2B43 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/banner/recommend?DA_CLIENT_ID=bd92ffc2-ac69-4abd-97d6-73377d8db6d4
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/dbt/dbtlib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
2c3337118e0931cb2d981cc3c320b4a0d8a488a815ba902d72a197254ab12628

Request headers

Accept
application/json
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 dbt-directory02
Server
ISAS
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
transfer-encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
usync.js
eus.rubiconproject.com/ Frame 6D55 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41230
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:15 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 46F7 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
691856
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0alf4%2FlxD%2FT7D8sdQTccIOl6b1xUeI8sBLOWf03niZOQl0iLsg2P49kTas43N%2FhHsoG2mHtxGMQXv9X%2Fo9dkpYYFJmXDgmtBbrGHvd86obGFdvjQD7ZtDoA%2BQOb9r5vd4HUp%2BfazLIY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f818c76c80118c9-FRA
expires
Thu, 17 Aug 2023 12:24:05 GMT
1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
assets.ad4m.at/logo/ Frame 46F7 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2628977
cf-polished
origFmt=png, origSize=155987
alt-svc
h3=":443"; ma=86400
content-length
97378
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:34:04 GMT
server
cloudflare
etag
"046c487317a4f122cc1e9773901d1d88"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANgI8rJU18cwoSQoPfh4vqSBbOlgryctTW6EdSrofaFuoXb5lM8CYylgUs%2F%2BKOG6t2t9HXV2b9A8Alqa3CaLD%2BAeyIB6W4qfc6%2F%2ByG1XxoHuSYnRVTRYGH81aj%2FfIwr%2FMvAfQmwzEoY%2F4Z20"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76c80218c9-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
assets.ad4m.at/ Frame 46F7 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324106
cf-polished
origFmt=png, origSize=167445
alt-svc
h3=":443"; ma=86400
content-length
99202
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:42:06 GMT
server
cloudflare
etag
"cdf0423881e134b37ad0cbff5572a8e7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keM6iBVeKXKWdMtsY%2FK8rtFknf3fanvTtDHFuxAAnd5rRmKvoN2z2tFT%2FPMDFP5UFfI3H%2F8AfQOQrj8d2WI%2FvzVximxPHVolMztY6AGzc5qT%2B4xyG%2B7M9pEJGewWYslSac8CKI8ejH92GPnK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76d81918c9-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
/
www.restposten.de/ Frame 46F7
Redirect Chain
  • https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
3.124.181.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-181-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

date
Thu, 17 Aug 2023 11:23:27 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
cache-control
max-age=0
content-length
0
expires
Thu, 17 Aug 2023 11:23:27 GMT
AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 46F7 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
838596
cf-polished
origFmt=png, origSize=60352
alt-svc
h3=":443"; ma=86400
content-length
32982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jul 2023 11:40:29 GMT
server
cloudflare
etag
"0c5d451d92738dcd96474c734dc5b7c8"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOLGGIJn9ipV9KnvfpX6Db84WYRIKO4zzBaeF3puWUKu8AySfsjATYpIAQGqWCYhIjFGjEDNugfmwrvcFcHKxEVdnL9qHHlTOdmkKrXHpMPhUx8JbtIQfqhQXsBmzgFjl%2FdUGqxRaql0nz1e"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76d81a18c9-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 46F7 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2302814
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg2ZZXUrGVQsXdxf49a8OLveftJvMzz1xRxPXTJNlOMF6bLoSKT8CYOyx2QZZbej2VIEwI9nM32%2BW%2BfJ9vvWe8cy%2BlIn9n3I8NopLDrkLRg2lHpyK%2FxzP2Tk8mDrRKmhpYz0ho2ZuViJ3YJW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76d81c18c9-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 46F7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581597
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPNtosw%2Fo%2Bmlci5fhmoBA%2B2NDI7rLIT5qxDVJ4Um3bezIxV53Q6Vi5NjDjhM9plH6wHoAPf3SqYePnmq2c2p9nW%2F%2F2adHku1xK1LkodUrcobJkMdDQiRD2YoNLlVjayMqUxfLo%2BxBxUOgQFA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76d81e18c9-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 46F7 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2628358
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hh6IoO5cbgzRh1sK%2FpeV%2BO8ehPNMZ1p5t2r9%2Fh5OBRCaS3Apx%2BR0nRSWnq1ZI7a3urWlEphUK14tP5zUf9%2FueW3Umx7PePzqeYrs23n4G8Pu2u6FQLg7vlSxZiJ7ie4QdF%2BAGUVpU0GTKY2E"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f818c76d82018c9-FRA
expires
Fri, 18 Aug 2023 11:24:05 GMT
cshow.php
www.awin1.com/ Frame 46F7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.80.244.96 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-244-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame DFD5 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4m95159zqr7ws4js727197sr7bngh5qearqwkbywnrph6kstn24nzaxjpmxvfn8sveqr4nbfq4fq488znt0s1837awxqzwv3eaksn9w7ch7m4vkna9s2s8ebcb9h7kctbckaw0nd9aw7rjezgkh3cf96r26z0fync21ba6k8e408nekp1d3ymq7a6aa6ehyjzavsveypv1jjts9g0hspr1s82vzy14j7y0ahkg4cn76534788qxegnr17n17kmn150%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%252526client%25253Dca-pub-8278416939377896%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.45.49 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-45-49.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
192ca79a21efa14b1eb960814f3bf85049fb8c7bfc07ded62de399f0fac109f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 17 Aug 2023 11:25:05 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6D55 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
link.html
track.webgains.com/ Frame 46F7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gpngcbnqp8jwg7mb6ee32qp2a6th6aw598jhx3fyy73zvy2d9j8j1662z4k9j69wq8syj4m4hrkmbecm00bhyz7e9hzkj4c675dqc32j1q95dkd4245s3hvj31rwchvrs58f81h7yh5cn061mpm7bcgzwbzvywvwradvk24nbxjjn1qghk8vr2nr9vveq0fetjtp6a1nxde1n0cvr3nzs8vznjxtwpbzfmy5z80g4pznkzhg1bdkvv9m1qz4kjyq7944%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%252526client%25253Dca-pub-8278416939377896%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.45.49 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-45-49.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b7d46543dfd80c39294fce03e81be58efe46741904ca7dce630461d50c61d6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 17 Aug 2023 11:25:05 GMT
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 2B43 		81 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js?ts=1692271445648
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/dbt/dbtlib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
790402e3824b48ca388555d4eaa06a555ab5e118149f652a4393906129b1945b

Request headers

Accept
application/json
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 dbt-directory03
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"d184e5aefdb92ecb0c561702634d2083"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js";size=82924
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
82924
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js?ts=1692271445648
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Allow
HEAD, DELETE, GET, OPTIONS
Content-Length
26
Content-Type
text/plain
Date
Fri, 04 Aug 2023 13:39:51 GMT
Server
ISAS
Vary
Accept-Encoding
X-Pect
The Spanish Inquisition
via
1.1 dbt-directory01
pvClk.min.js
analytics.webgains.io/ Frame 46F7 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gpngcbnqp8jwg7mb6ee32qp2a6th6aw598jhx3fyy73zvy2d9j8j1662z4k9j69wq8syj4m4hrkmbecm00bhyz7e9hzkj4c675dqc32j1q95dkd4245s3hvj31rwchvrs58f81h7yh5cn061mpm7bcgzwbzvywvwradvk24nbxjjn1qghk8vr2nr9vveq0fetjtp6a1nxde1n0cvr3nzs8vznjxtwpbzfmy5z80g4pznkzhg1bdkvv9m1qz4kjyq7944%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%252526client%25253Dca-pub-8278416939377896%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-78.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:00:09 GMT
content-encoding
gzip
via
1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 14:11:27 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
48239
etag
W/"cb7accb6a6fc086cd831549a78a2fe42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
m2c9itm72Hig75X879pIsjWpDzEmKdAinad1KVWFNwJAl97PNbVq8g==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 46F7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1692271745&Signature=p3W~SHde8fhuOaYdKrnUWXIdry~lDET6yczmHmGlVUPUw3qVzKxsJS2VljGhRcpDDFq7510aCFPW2AePVo~B1GpWiiR8SvEDxlbY9tEyTEJ2fw6u6VxBAC~riSuhl9axG10YxtBJsCoMvPnnu99PTc5lb0X4-Ey0C2wKA1nD~zubDf7UHnXkJUd-obsXs0i-KrA5J7GGFSaiA6IQv0m6bHz6Gv7c8WPb18ehF53458LtQNi3PHdnYglS0gsjbtBpnHnzjIuPagBRRleeUvpfglLYlvbxL37CayWmJtultN0OwAP9QCWz-Lggrjpamc2TISITKBr9FieZSXgwYO94VA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-46.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 17 Aug 2023 08:17:05 GMT
via
1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
11221
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
t-5BgHUbpOiaqQ_eI0PU_F9YzN9kMuAMLusQS0-ZVCdAdcYHX75mNA==
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame E769 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
cbdd744652a0996e4783197fe2396762405a851da4ad61cb6f373e5896efca94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 dbt-directory02
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"24d1c00de548caf36808b231014eaf4c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg";size=207608
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
207608
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame E769 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
75cb64f6fb01f8ff69747b4d466b4b3fdcd778fa31005e1be1d1b81de379799f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 dbt-directory01
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"e71a4700fb6caf45f6b6b8f5eca56c24"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg";size=238655
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
238655
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 2B43 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
cbdd744652a0996e4783197fe2396762405a851da4ad61cb6f373e5896efca94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 dbt-directory03
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"24d1c00de548caf36808b231014eaf4c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg";size=207608
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
207608
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 2B43 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
75cb64f6fb01f8ff69747b4d466b4b3fdcd778fa31005e1be1d1b81de379799f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:05 GMT
via
1.1 dbt-directory02
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"e71a4700fb6caf45f6b6b8f5eca56c24"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg";size=238655
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
238655
pvClk.min.js
analytics.webgains.io/ Frame DFD5 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4m95159zqr7ws4js727197sr7bngh5qearqwkbywnrph6kstn24nzaxjpmxvfn8sveqr4nbfq4fq488znt0s1837awxqzwv3eaksn9w7ch7m4vkna9s2s8ebcb9h7kctbckaw0nd9aw7rjezgkh3cf96r26z0fync21ba6k8e408nekp1d3ymq7a6aa6ehyjzavsveypv1jjts9g0hspr1s82vzy14j7y0ahkg4cn76534788qxegnr17n17kmn150%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%252526client%25253Dca-pub-8278416939377896%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-78.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:00:09 GMT
content-encoding
gzip
via
1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 14:11:27 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
48239
etag
W/"cb7accb6a6fc086cd831549a78a2fe42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
JTLAZhgbpQxoc9av-wdp-WRxUapD84X9La0_ST8shdxvNiuKCurmvQ==
link.html
track.webgains.com/ Frame DFD5 		45 B
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.45.49 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-45-49.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
88400ece0824eb5322a437984edfb5b0c752a92af7efa7d5970fcb161c8721eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
server
awselb/2.0
content-length
45
content-type
text/html
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNoc-UeaKPtZy-MPyq-PUMa-wAYa-PwTyrYAqTUZyRqxeNco_YPPaBTAKUUK_TRwNhxwdqzoeRlmNBAAbYZARdzNwqfftkRrdzNRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tiw2y9QAa9L92%2FLmx7mRkoicXD6uINnqZVDFF0HwL3gakTyc%2FX3n7Z%2Ff6qQKVYr1z8B2kr%2BYyfEiR2lhxXiw0hbW9nXWgzryd3dNmvM0VjD09VYQg%2FIEi4Sl2WrP3Lh9ufFNhDv9lWtsj1xjyFGkpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c788d473689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNoc-yYaUyBYr-qUBY-Prrw-qAYM-eBwyZrTqrreeRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTAMBMPRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edQR3U7DoN2%2BcaF9TyjiZvO77%2BmepVOGm9XMETMeIXcvC5TxWvqlTams01MnX5oO5mP%2BEfgjAH%2FMH%2BsCK2iZZOdu14F2ybhXy5ynGhI3ZzkRc0poFGjDsjWH%2FKNP5iqmM7YnqPA92ocUeNXcklVtzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c789d563689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
sans-57-condensed.woff
is.dopascalls.1und1.de/banners/3202/dbt/1u1/assets/fonts/ Frame E769 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://is.dopascalls.1und1.de/banners/3202/dbt/1u1/assets/fonts/sans-57-condensed.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.12 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
32a3422a74af7d747de4ac5565752364302c87f16f4f546cf2f9473626d7df8e

Request headers

Referer
Origin
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:05 GMT
last-modified
Wed, 15 Dec 2021 21:09:51 GMT
accept-ranges
bytes
etag
"236482354"
content-length
29376
content-type
application/font-woff
occ
ups.analytics.yahoo.com/ups/58675/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/usync/ Frame 5A9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=1863437367
  • https://sync.1rx.io/usersync/turn/4138269106523966498?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003
date
Thu, 17 Aug 2023 11:24:06 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX19f78d4ca5024260bdfdfa738269cfdd003
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame D596 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuuQdyJWz2tupo10HU5kjS3iXMcljOh5FW3HBoM3W74fgzwGuDXrBlyESdqvqpMdCzxylKQ3bUFnH05u7eJE4AcKWPVl_VdtTnUlo&sig=Cg0ArKJSzD7vHKRZ-3gcEAE&id=lidar2&mcvt=1000&p=0,480,300,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1788617067&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692271444662&rpt=311&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 7B60 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=I1p7H3bqLKGb_3jjReJpoDUXYRwyfUvpVaubx7lAO1MYebaSgHVEb8vbOIglDm_j6GF_R4IDxOhMmRhubNTLygG-6eQjFHqNOCuWlMDHgOkAriNOnP0InRz0mUexqaLPIDgbQNf_4f_UqLzikVQYNnV4KiynBKmCV2ouhEEEqk7GtGZ6GO9IE9GZMz4N7XyTKFJoKM7fsjhT5OgHzl_0zM3CNja26CIr9e486aG6kk5CInmmaJB3pxOmKnyEyNFS2B4K6A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 1801 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 6A10 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspVROH1T39XiAY4q0GwOPL_py1LKFFQ7dhZEBtFdcdsHLzfvDjO1RKnqKl4R94QRtlF8XmWrwbP6AIS4osOwdC4M7Ydm_ogvU5gyBZ&sig=Cg0ArKJSzCQ0aVp7Yy8_EAE&id=lidar2&mcvt=1000&p=1164,435,1254,1163&mtos=790,929,1000,1012,1012&tos=790,139,71,12,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3262429219&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692271445083&rpt=203&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNoc-UaMPZYTe-KYZe-PUYT-MeeP-wUtAettTPTAKRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:24:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nH0qgcyUFXl7Z3fQPky6q%2BYOZ1w0slRtX5j057t8lrJ1ypC3WOFFaXHIZn6tBE5%2Fhkx0MQQ%2B%2FHtnwavD8Gg2PZdza6XG7VbBUbqnU%2B0qmAmI4NxNfzxmq5VQhJB9ebctBniarA2m1pWJ3M76Yn7zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f818c7c5c253689-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame D5E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstseSicusWwAKhfISPiJ1dGrNmOGLnlVa9mPI0bfHMwaR_VYCbC5Qo2B0Jwx6ZDhdU__B6w5u-mp4Wq54A4d95qxyqPnzNLB352df6KvTbhzEfbAbGg&sig=Cg0ArKJSzD9CCKOBPTAiEAE&id=lidar2&mcvt=1180&p=803,980,1053,1280&mtos=1180,1180,1180,1180,1180&tos=1180,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2774311524&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692271445187&rpt=169&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame 857C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a116acc9eec96d79791282dc50f9ec924d9ebc91aaf0fc4558b36566ef973d1b

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1298
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:06 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
eb2.3lift.com/ Frame B96A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a116acc9eec96d79791282dc50f9ec924d9ebc91aaf0fc4558b36566ef973d1b

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1298
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:06 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tracking-event
api.webgains.io/ Frame 46F7 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:06 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:06 GMT
server
nginx
tracking-event
api.webgains.io/ Frame DFD5 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
generic
match.adsrvr.org/track/cmf/ Frame B96A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame B96A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B96A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B96A
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame B96A 		0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=46094411890339888485&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6D173D84D8F04013A2E295783DD363EF Ref B: FRAEDGE1815 Ref C: 2023-08-17T11:24:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDHKZyhlfWVjhe3K2kTg==
sync
x.bidswitch.net/ Frame B96A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=46094411890339888485&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=1ab11767-d619-4fc8-bdc0-9c39973188cb
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=feae710e-9c96-4cfd-b55b-27144b5b049e&expires=10&ssp=triplelift&bsw_param=1ab11767-d619-4fc8-bdc0-9c39973188cb
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=340&user_id=feae710e-9c96-4cfd-b55b-27144b5b049e&expires=10&ssp=triplelift&bsw_param=1ab11767-d619-4fc8-bdc0-9c39973188cb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=340&user_id=feae710e-9c96-4cfd-b55b-27144b5b049e&expires=10&ssp=triplelift&bsw_param=1ab11767-d619-4fc8-bdc0-9c39973188cb
date
Thu, 17 Aug 2023 11:24:06 GMT
via
1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-cf-id
vpSj6zuZw3aVDwK-ARyAWugxuOKz7nR9cbk2FOl0UOdk5BO2XwIeag==
x-cache
Miss from cloudfront
46094411890339888485
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame B96A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/46094411890339888485?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
c.gif
c.bing.com/ Frame B96A 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=46094411890339888485&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 36BA6E810C844029B93F448F7D7DDEEC Ref B: FRA31EDGE0515 Ref C: 2023-08-17T11:24:06Z
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame B96A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
671757
content-length
0
expires
Thu, 17 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B96A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
an-x-request-uuid
590c3808-13ac-4860-878b-25ec7fa76849
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/ Frame B96A 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=46094411890339888485
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 857C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame 857C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 857C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDhFHZwc7vqJT8fpqXnkeX8&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 857C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYwOTQ0MTE4OTAzMzk4ODg0ODU%3D
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 857C 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=46094411890339888485&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 10C6C24CB358488086A47A06A40BEBD2 Ref B: FRAEDGE1815 Ref C: 2023-08-17T11:24:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDHKZyfKl40PmFGjePfg==
sync
x.bidswitch.net/ Frame 857C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=46094411890339888485&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2407697930668253618&ssp=triplelift
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=2407697930668253618&ssp=triplelift
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=2407697930668253618&ssp=triplelift
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
46094411890339888485
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 857C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/46094411890339888485?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
c.gif
c.bing.com/ Frame 857C 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=46094411890339888485&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5613D3084A0B47899D110A604E07A7E3 Ref B: FRA31EDGE0515 Ref C: 2023-08-17T11:24:06Z
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 857C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=c93b3ca0-285e-413a-9c84-b21e7a82437f&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
602009
content-length
0
expires
Thu, 17 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 857C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
an-x-request-uuid
1b55ab27-11bc-451a-a27d-4626c9740e6f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=7459351539056021238&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/ Frame 857C 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=46094411890339888485
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT8ybhQ180gEQpzd%2F%2BVLb2pG5T8SnDLSZxXJ1O24c3eTeRO76QJCHP7g99Xi3eanxgwHnmhM5r5HJXACJ1Xad2t4Ykv%2FwOUhtkVTuAZGFDjZ3Ysdp0YHvWkluy%2FNkC%2FtMMZpakcqbgLsmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
cache-control
no-cache
cf-ray
7f818c7fbe7404a3-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
eb2.3lift.com/ Frame 0C31 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
4c038b9fd76a627ea107efde07626d8de392f7eb92b847a198327dbdc42bfc35

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1154
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame A819 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
setuid
ib.adnxs.com/prebid/ Frame 0C31 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=46094411890339888485
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
an-x-request-uuid
e7e5e273-849d-481b-a9a4-2b8dba79932b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 0C31 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=46094411890339888485
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
an-x-request-uuid
099527c3-e17c-43bf-9ed9-dbfd0ebc95cf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 0C31
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=74028443-b1bd-4f33-8a88-39ffc4005428&dongle=d54f&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=74028443-b1bd-4f33-8a88-39ffc4005428&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=74028443-b1bd-4f33-8a88-39ffc4005428&dongle=d54f&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 11:24:07 GMT
Connection
keep-alive
X-CI-RTID
3bfa0a61-2c71-4608-be1a-4a91e12f4360
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 0C31
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4138269106523966498&dongle=d407&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4138269106523966498&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4138269106523966498&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 0C31
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 0C31
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
Date
Thu, 17 Aug 2023 11:24:07 GMT
Connection
keep-alive
Content-Length
136
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 0C31 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.238.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-238-40.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:07 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 0C31 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.238.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-238-40.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:07 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0C31 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 0C31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=46094411890339888485
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
setuid
u.4dex.io/ Frame 0C31 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=46094411890339888485
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3A74 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65610706&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
4751293cf130da3364382eb92608b62bcf4306a844fb045822b78eae44848b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 11:24:06 GMT
content-length
1424
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame E9FA 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A982
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 11:24:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pub
matching.truffle.bid/sync/ Frame FB83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 5092
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB22D64B9FCB4F978BEE2013A9CA74BD&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB22D64B9FCB4F978BEE2013A9CA74BD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
Wed, 16 Aug 2023 11:24:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB22D64B9FCB4F978BEE2013A9CA74BD&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 1216
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1028135278
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1028135278
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
etag
RX19f78d4ca5024260bdfdfa738269cfdd003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1028135278
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
setuid
u.4dex.io/ Frame 1DFA 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
mw
mwzeom.zeotap.com/ Frame 3A74 		95 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f818c80dabf1a7d-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 3A74
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1E9AD575-C789-434E-B4E7-7684BEEE02FB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1E9AD575-C789-434E-B4E7-7684BEEE02FB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1E9AD575-C789-434E-B4E7-7684BEEE02FB&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:19 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:18 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1E9AD575-C789-434E-B4E7-7684BEEE02FB&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
spl.zeotap.com/ Frame 3A74
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0cb3dfacc520d43874a3aec2404f3ff3&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=8cb3989c5dc47795
95 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=8cb3989c5dc47795
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f818c83f82e1a7d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=8cb3989c5dc47795
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3A74
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7459351539056021238
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7459351539056021238
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
an-x-request-uuid
b61b7e6d-7469-43a9-ab35-3de254305712
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1801 		47 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83504324&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 11:24:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
setuid
u.4dex.io/ Frame AA45 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
setuid
u.4dex.io/ Frame B52B 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 17 Aug 2023 11:24:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
195825
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
set
id.a-mx.com/
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html&tl=https://securityaffairs.com/148981/hacking/citrix-sharef...
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
  • https://id.a-mx.com/set?uid=55b86fc0-9f55-4785-9dd9-e556c0ed0d7f&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
99 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/set?uid=55b86fc0-9f55-4785-9dd9-e556c0ed0d7f&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3397252c470ca9e2a2b2b1ac0219b670ca83a4fdaeebe2a4d77ce6583a2d8303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psTAL484lKXz4QlJ%2FZII3jVG6Frb3J5s3U2nadKa%2FvvWZyuwj9ae7YL1QoJ098SXRjxKFEm5nc23119b3HLphZ6noJ4qNXsm2T220vZOxYHlLUfkapOcF5L8kiNmSwNJWTBGgtEmaXI4UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
7f818c821ea79164-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 17 Aug 2023 11:24:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://id.a-mx.com/set?uid=55b86fc0-9f55-4785-9dd9-e556c0ed0d7f&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
7f818c820cd49ba7-FRA
content-length
0
json
gum.criteo.com/sid/ 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
210753
expires
0
prebid
id5-sync.com/api/config/ 		135 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pbjs
sync.quantumdex.io/usersync/ Frame 6EBE 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79ba8d8ab78904ad0799b7c920016a4bd8796d2523a48a591d51ec968d6c4bd

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f818c818ced3619-FRA
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
server
cloudflare
isyn
prebid.a-mo.net/ Frame C1A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 17 Aug 2023 11:24:06 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD6F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91871
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a58d1143a9394f92135af0e5cae0b69df99d2bddf8bec65674421f6944772598
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
696.json
id5-sync.com/g/v2/ 		276 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
2e6015e919f39b1ce550db25b1005c24ae19177227a39fe1ac1221356971bb34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:24:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame 497F 		619 B
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
1762aa694c7f63b11890a82485497e9cd1a82458df8ac9c9399dd51b89e19694

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
619
content-type
text/html
date
Thu, 17 Aug 2023 11:24:06 GMT
sync
ssbsync.smartadserver.com/api/ Frame 6B12 		746 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
dcaf40045435742cc7a12ec52a5d37e57acb5ef551140df4443c3de9c84e63a1

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
746
content-type
text/html
date
Thu, 17 Aug 2023 11:24:06 GMT
um
u-ams03.e-planning.net/ Frame 8977 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=f37e14df79e0be88&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
server
openresty
setuid
sync.quantumdex.io/ Frame 6EBE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=8833447933837358415
  • https://sync.quantumdex.io/setuid?bidder=between&uid=d63a404b-fbf1-52e5-8367-819ee7b982c9
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=d63a404b-fbf1-52e5-8367-819ee7b982c9
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c838ff63619-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=d63a404b-fbf1-52e5-8367-819ee7b982c9
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame 6EBE 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:23:31 GMT
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
36
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
ZISFkMo_Y4q1Da0uZMh9GuNMRf52GtCGgO5n_oKtE0HcmBcJ3yTLqA==
v1
match.sharethrough.com/FGMrCMMc/ Frame 6EBE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.224.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-224-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
pixel
ap.lijit.com/ Frame 6EBE 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Aug 2023 11:24:07 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 6EBE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 6EBE
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c83a8153619-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame 6EBE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7459351539056021238
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7459351539056021238
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c831f653619-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
an-x-request-uuid
280a22cd-afbb-4ef8-b5ed-dc2b7c70e3bf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3E14 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.6.72.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-72-62.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Thu, 17 Aug 2023 11:24:08 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
/
onetag-sys.com/usync/ Frame 3A4B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 4745 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
6969bdf88a5cce710189e26a5b582a593cbfc5d6c5c0c4d1c29bc70566837677

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1214
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:24:07 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usermatch
ssum-sec.casalemedia.com/ Frame 6AD8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcdbea32acde591b45eaa9f9b943fd57fa384ea2a2156629196f6bd8867c9406

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f818c830b7804a3-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teuaj3j9mLixjFHDC3d7mecs330anfK0RkxewC6A4j0lMRGsOPtozCByv90aa0RjjYXJHCCkclh%2BkK1LKbReOTSm5tlZk2tqJHKSevjfpE74sXhwMbi0%2BMK%2F1IPH9det21EB%2FiA7RHwNqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame C0F8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f818c832f7a3619-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1357 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91871
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:24:07 GMT
expires
Fri, 18 Aug 2023 12:55:18 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=gB6QIIYZwXGbGJJyhB7ZIYAakHCbGcMh0h3SperO
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=gB6QIIYZwXGbGJJyhB7ZIYAakHCbGcMh0h3SperO
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=gB6QIIYZwXGbGJJyhB7ZIYAakHCbGcMh0h3SperO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
triplelift-match.dotomi.com/match/bounce/ Frame 4745 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAF4KE7JvAcAACaud8B8Jg&dongle=bzwx&gdpr=0
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAF4KE7JvAcAACaud8B8Jg&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAF4KE7JvAcAACaud8B8Jg&dongle=bzwx&gdpr=0
Date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
img
sync.mathtag.com/sync/ Frame 4745 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master cdg cdg-pixel-x33 config_version:"1438" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x33 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 17 Aug 2023 11:24:06 GMT
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4DVAAJOvhoaAA_&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4DVAAJOvhoaAA_&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-fra-etou8220104-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271448.544500,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4DVAAJOvhoaAA_&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=5a977333-d359-4c83-bf80-cff0723e72a2&dongle=31ac&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=5a977333-d359-4c83-bf80-cff0723e72a2&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=5a977333-d359-4c83-bf80-cff0723e72a2&dongle=31ac&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 11:24:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=CB22D64B9FCB4F978BEE2013A9CA74BD&dongle=yf3
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=CB22D64B9FCB4F978BEE2013A9CA74BD&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=CB22D64B9FCB4F978BEE2013A9CA74BD&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Aug 2023 11:24:07 GMT
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=mZ3nyFB0GpZRlmsuO8Rx&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=mZ3nyFB0GpZRlmsuO8Rx&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=mZ3nyFB0GpZRlmsuO8Rx&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:08 GMT, Thu, 17 Aug 2023 11:24:08 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncTripleLift
rtb.adentifi.com/ Frame 4745 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.180.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-180-243.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:08 GMT
xuid
eb2.3lift.com/ Frame 4745
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=3xTNITwA1QwB6J5&dongle=465e&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=3xTNITwA1QwB6J5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=3xTNITwA1QwB6J5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/ Frame 497F 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=874074812146396405&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 497F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
genericusersync.ashx
sync.tidaltv.com/ Frame 497F 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b001:ea7e:ead4:fe95:47ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 497F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407697930668253618&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407697930668253618&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:06 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2407697930668253618&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 497F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268250507939412111&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268250507939412111&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268250507939412111&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
setuid
sync.quantumdex.io/ Frame 15D1 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f818c834f983619-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
server
cloudflare
crum
dsum-sec.casalemedia.com/ Frame 6AD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7459351539056021238
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7459351539056021238
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
an-x-request-uuid
0448e38a-3bcf-4b93-8e64-98d909bda64f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7459351539056021238
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6AD8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame 6AD8 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.146.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-146-181.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 6AD8 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tp_out
d.adroll.com/cm/index/ Frame 6AD8 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:4270:c547:791f:3f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
sync
x.bidswitch.net/ Frame 6AD8 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.27.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-27-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 6AD8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=2-3yAd3qo1DA6_BT3-27ANvp8lHA6qEAie5MHKqn
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=2-3yAd3qo1DA6_BT3-27ANvp8lHA6qEAie5MHKqn
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=2-3yAd3qo1DA6_BT3-27ANvp8lHA6qEAie5MHKqn
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6AD8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:24:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5FQYYG7YFWB3X4EJBPXR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 6AD8 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f818c835fb33619-FRA
content-length
43
content-type
image/gif
setuid
u.4dex.io/ Frame 6B12 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=3100904523491322904&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
redir
rtb-csync.smartadserver.com/ Frame 6B12
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAF4KE7JvAcAACaud8B8Jg&partnerid=127&gdpr=0
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAF4KE7JvAcAACaud8B8Jg&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAF4KE7JvAcAACaud8B8Jg&partnerid=127&gdpr=0
Date
Thu, 17 Aug 2023 11:24:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6B12
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7459351539056021238&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7459351539056021238&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:07 GMT
an-x-request-uuid
8f0e49e2-8db7-478b-9156-8d413a77423b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7459351539056021238&gdpr=0&gdpr_consent=
x-proxy-origin
81.95.5.35; 81.95.5.35; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
p
a.audrte.com/ Frame 6B12
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=969MaRQnToiRg6LGsrRgPxRbA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3D...
  • https://a.audrte.com/match?uid=3100904523491322904&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.157.243.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-243-229.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 17 Aug 2023 11:24:07 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
s.ad.smaato.net/c/ Frame 6B12 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:23:34 GMT
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
33
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
QNMtrlMUyXSAJ6xv_pPvp--U8MIS5AK3EElpEV-0OQt5aO-fuOB76w==
um
u-ams03.e-planning.net/ Frame 928C 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=f37e14df79e0be88&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Df37e14df79e0be88%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
server
openresty
setuid
sync.quantumdex.io/ Frame FE98 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f818c83e8743619-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:24:07 GMT
server
cloudflare
usersync
usersync.gumgum.com/ Frame 74DC 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:08 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame 77AE 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:08 GMT
Expires
0
Pragma
no-cache
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame AF60 		155 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-7.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Aug 2023 11:35:11 GMT
via
1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
85738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
lfOPMKotM-u5Ozhg8Qva0Fpl8RdmjNvWD86r4iTT75SRMN5VKbZEcw==
data
bcp.crwdcntrl.net/6/ Frame AF60 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.185.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-185-171.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
88cad8e2e9b1b523fde0011415b95565247ed420df3d11c33212115cf974a23f

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.5.156
access-control-allow-credentials
true
content-length
60
expires
0
nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 7B60 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-42dc"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:24:08 GMT
um
u-ams03.e-planning.net/ Frame 1454 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=b31899ded8ce2225&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:08 GMT
server
openresty
usersync
usersync.gumgum.com/ Frame 2EEB 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:08 GMT
Expires
0
Pragma
no-cache
um
u-ams03.e-planning.net/ Frame 468D 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=b31899ded8ce2225&uid=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db31899ded8ce2225%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:24:08 GMT
server
openresty
usersync
usersync.gumgum.com/ Frame 00A3 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1E9AD575-C789-434E-B4E7-7684BEEE02FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:24:08 GMT
Expires
0
Pragma
no-cache
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 9B10 		155 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-7.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Aug 2023 11:35:11 GMT
via
1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
85739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
ln_NhVtiuY0mvJ9IkIqPfDKFuSxWgzH14IuIie7xy87lA5JxlIK4HA==
data
bcp.crwdcntrl.net/6/ Frame 9B10 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.185.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-185-171.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
71d4dcf1b44c272b813c5da48f80e4e977bd2a1aedbd89d4a3c1792c2123403e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:24:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.5.28
access-control-allow-credentials
true
content-length
60
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 3A74 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:24:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 7B60 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=I1p7H3bqLKGb_3jjReJpoDUXYRwyfUvpVaubx7lAO1MYebaSgHVEb8vbOIglDm_j6GF_R4IDxOhMmRhubNTLygG-6eQjFHqNOCuWlMDHgOkAriNOnP0InRz0mUexqaLPIDgbQNf_4f_UqLzikVQYNnV4KiynBKmCV2ouhEEEqk7GtGZ6GO9IE9GZMz4N7XyTKFJoKM7fsjhT5OgHzl_0zM3CNja26CIr9e486aG6kk5CInmmaJB3pxOmKnyEyNFS2B4K6A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4DVAAGVz8IFVdTAAQwRnxIIKhpvrsfBrFU7A&u=%7CB8qKfWKih8lFCl3tLZqkDgKhApcof7%2BTaTM2aBzNZEw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtTrFeys1Ogpy9vSFVWXfYBpDoLoGdmbfrO14QGfOtAN9SJsNHJ-HJRzWRJ2sSiyKaAL_8wlQxwrkfWsO8Hs1HVBfp20B3sGfpa60Z3BSCBG6YB0O4GvFWR-psdWyZAiv17vdp1gm3f4o4Z2OAH-ZIX9JQG8m-mn16-5AzCAsdQTwrd29WbUZ5isOKH0U0yXuCtVusCWFRp2ojYEVHOKNZ76CO-w1769NZFYfwE_1BN3clWwUr77z3iLfHDjvn2zwopSeCivgLDmnr9gLc91hMUCbJ5p25o18JXDa88yso6g6C6bqD0G8uKgCtTYqy6j1vQHNfKXg6-6r6v_G6a68XjsukgjgtoGK-pUyTTFb75bwm0psAFV9V92cNYUwGROPeobBg_4xHdO0lXhttoLAWXoJtRBCVHtl6VRofUReYRj782EGLjuMUDrgh3jk5A_QO7J5OPPnKaJ1ZGGh5KwM_FcrMKfvrhVOBDRixDm2WisF5mosNBRQEAa07DQxcl0sOU8F_hewEsTk_f1gpgWiOpN_bL8NzOojuXSQOpJwleQz7G4bVyTIAW-B9tnuyjaHKFV79iN84bqsIf_gyK2vquo2s67k6rHl5yTl20f-vLWDWNvOnFXG5Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMYeOVAPeZL-uGdOu1fAPxuCQsAXJntKxXPWdmPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_QeUlMHf7UTMuc6oPjizuaT0gmlXfXQLmz9hwdV47nkO53HQnVi2Pfa28juDe7F-2tChlIqHL7iHuLToYAQI587wTiVFG4f89DEKd4mC6_O3WYKLKBnIZy1em_nifnmsJGIyEovuJRzi-1OlQbNTc5YGArTX304hiFDc-dIrwR9G1NmwGYAAl8UI2PKZ5tu0XqzUxarrZQZKqb0ec6CDpAbT75BDEIE5TsqstZ0Itk_i81O4Ro4UxzFsWvgoOoU9GY-arshz3SSh7dmqmlTC05FgDXQBldLNEB6Qy4s_IRW-d-Z4QqUeB-f0Eo9xTwP21603pehCk_OSiYZCvmt399dAOhT2xJrnNdU2_KoH2KezKS5cb54i2DXlccWuaYDw7-IKHxkOWtHWTM3xgpeNQxbcBSLQHSv0w2gHXqlfzlADjILZSyBDPgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1llObA2IncdVF7OBQgGalbTHDybQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:24:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| documentPictureInPicture object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| dataLayer object| vitag function| google_spfd number| google_unique_id object| google_sv_map function| gtag object| WPCOM_sharing_counts object| swv object| wpcf7 object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| _stq object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| google_tag_manager function| st_go function| linktracker_init object| wpcom function| onYouTubeIframeAPIReady object| gaGlobal string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| twemoji object| wp object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| getEidsByVLI object| $sf object| _aps boolean| apstagLOADED object| apstag object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| googletag object| observeElementInViewport object| apscustom object| sas object| apntag object| _ADAGIO object| pbjs function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| ONFOCUS

164 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgAIQ6Jv0maAxCgoIgQIQ15f0maAxCgoIhwIQ95T0maAxCgkICRD3lPSZoDEKCQhJENeX9JmgMQoJCAsQ15f0maAxCgoIiwIQ6Jv0maAxCgoIjAIQ95T0maAxCgoIzgEQ15f0maAxCgoIjgEQ6Jv0maAxCgoIkQIQ15f0maAxCgoIkgIQ15f0maAxCgoIlAIQ6Jv0maAxCgoI1gEQ6Jv0maAxCgkIGxDXl_SZoDEKCgidAhDom_SZoDEKCgjeARDXl_SZoDEKCQhfEPeU9JmgMQoJCB8Q95T0maAxCgoIoQEQ95T0maAxCgoI4gEQ95T0maAxCgoI4wEQ6Jv0maAxCgoI5gEQ95T0maAxCgoI5wEQ6Jv0maAxCgoIrAIQ15f0maAxCgoIrQIQ15f0maAxCgoItAIQ95T0maAxCgkIORDom_SZoDEKCQg6EPeU9JmgMQoKCP8BEOib9JmgMQ==
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1692271443.1.0.1692271443.60.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.1.427256701.1692271443
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_P62M3QN974
Value: GS1.1.1692271443.1.0.1692271443.0.0.0
.securityaffairs.com/ Name: __gads
Value: ID=cb49db63397a2afa-225385bb53de002b:T=1692271443:RT=1692271443:S=ALNI_MbhJMsIrzLXJgbXoJ5qVrPErMH6EQ
.securityaffairs.com/ Name: __gpi
Value: UID=00000c6202444b46:T=1692271443:RT=1692271443:S=ALNI_MYTLMg_1204Rm4-sM_koGNAiNeFGg
securityaffairs.com/ Name: __ppIdCC
Value: aexuritywddwira_xon210.6671443563
securityaffairs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.securityaffairs.com/ Name: sharedid
Value: 6e9e8bf4-e700-4e28-a4e0-8d2b4f16eea8
.quantumdex.io/ Name: uid
Value: 4d399fae-b948-46d0-a0e0-77a834372238
.script.ac/ Name: __cf_bm
Value: luBURP8IOrL5nCBfSSpNEFs0M0ErrrDsuHYPdhd.Etk-1692271443-0-AQQDEw2S0l6+MxO3WyR9sOhITyvIlyxj8/5Y3zdWHulR4lKIsp03FK7+nW+fNs7WpyJU1jWc9SANf1ryWKciDXY=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1E9AD575-C789-434E-B4E7-7684BEEE02FB
.quantserve.com/ Name: mc
Value: 64de0354-2f724-d60d5-37dd7
.adfarm1.adition.com/ Name: UserID1
Value: 7268250507939412111
.adnxs.com/ Name: uuid2
Value: 7459351539056021238
.ctnsnet.com/ Name: cid_ae0f83fcbfc14711a71b191ddf46655b
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjAzMjIyNzC0MBHiM9QNswj0Ks0Pi0z0CKkAAFiqPb0lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjAzMjIyNzC0MBHiM9QNswj0Ks0Pi0z0CKkAAFiqPb0lAAAA
.weborama.fr/ Name: AFFICHE_W
Value: vKTinxPDYfa860
.doubleclick.net/ Name: IDE
Value: AHWqTUnZ5KXE6ucCvWjYwZnu9xjphPHloyki3enzg8foSZRzIhzszX8I4dlyrHy0U7Y
.simpli.fi/ Name: suid
Value: CB22D64B9FCB4F978BEE2013A9CA74BD
.csync.loopme.me/ Name: viewer_token
Value: 41b739c8-9480-467f-811e-ebc1cb4e8105
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFzlbslW6-iakT24nbVefAg&KRTB&23025-CAESEFzlbslW6-iakT24nbVefAg&KRTB&23386-CAESEFzlbslW6-iakT24nbVefAg
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5134455420622270184
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C&KRTB&19420-XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C&KRTB&22979-XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C&KRTB&23403-XnU4VFhyaQVFczoGWnVxVV5xOARFcmtVDHaRfv1C
.de17a.com/ Name: guid
Value: 1.7963049915053187346
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN4DVAAJOvhoaAA_
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7459351539056021238&KRTB&23339-7459351539056021238
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7268250507939412111&KRTB&23369-7268250507939412111
.prebid.a-mo.net/ Name: __amc
Value: 4_1692271443_1692271444
.adx.opera.com/ Name: UID
Value: OPU0f722e4dc98245b6a949c31708e64d29
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7963049915053187346
.onaudience.com/ Name: cookie
Value: 8cb3989c5dc47795
.onaudience.com/ Name: done_redirects104
Value: 1
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDgtMTdUMTE6MjQ6MDMuOTU3MzU2NDMxWiIsImVwbGFubmluZyI6IjIwMjMtMDgtMTdUMTE6MjQ6MDQuMzIxMDI5ODk4WiIsImZyZWV3aGVlbCI6IjIwMjMtMDgtMTdUMTE6MjQ6MDQuMzIwNDYxODg5WiIsImluZGV4ZXhjaGFuZ2UiOiIyMDIzLTA4LTE3VDExOjI0OjAzLjgwNTMyMDAzM1oiLCJvbmV0YWciOiIyMDIzLTA4LTE3VDExOjI0OjAzLjk2NjY2MDg1NFoiLCJvcGVueCI6IjIwMjMtMDgtMTdUMTE6MjQ6MDMuOTYxMDMyMjMxWiIsInB1Ym1hdGljIjoiMjAyMy0wOC0xN1QxMToyNDowMy44MDUzMDMwMTRaIiwicnViaWNvbiI6IjIwMjMtMDgtMTdUMTE6MjQ6MDMuODA1MzEyM1oiLCJzbWFydCI6IjIwMjMtMDgtMTdUMTE6MjQ6MDQuMzIyMjA3MVoiLCJ0cmlwbGVsaWZ0IjoiMjAyMy0wOC0xN1QxMToyNDowNC4zMjIxNzk2MjhaIiwidW5ydWx5IjoiMjAyMy0wOC0xN1QxMToyNDowMy45NjY2NDg1MjNaIiwieWFob28iOiIyMDIzLTA4LTE3VDExOjI0OjAzLjgwNTMxNDIwOFoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiYTdhYzhlNGEtNmMxNS00MDg3LWFlOWItNzNiYmMxNGM3YTljIiwiZXhwaXJlcyI6IjIwMjMtMTAtMTZUMTE6MjQ6MDMuODA0NDU5NDNaIn19LCJiZGF5IjoiMjAyMy0wOC0xN1QxMToyNDowMy44MDQzOTA0NzhaIn0=
.adsby.bidtheatre.com/ Name: __kuid
Value: da1ce358-6341-4720-a91b-ae40fbe355cc.461485444
.adform.net/ Name: uid
Value: 2407697930668253618
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-0E2y59DCSjhYRSRjVQjWTTRV
.bidswitch.net/ Name: tuuid
Value: 1ab11767-d619-4fc8-bdc0-9c39973188cb
.bidswitch.net/ Name: c
Value: 1692271444
.bidswitch.net/ Name: tuuid_lu
Value: 1692271444
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2407697930668253618&KRTB&23263-2407697930668253618&KRTB&23481-2407697930668253618
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ALb-MpcF055A7u0A
.rqtrk.eu/ Name: browser_id
Value: 1:47f8530f-3fda-4c9c-bc7a-630008bc58d9
.amazon-adsystem.com/ Name: ad-id
Value: A9ne8n60P0mNqLx1gs5_YIY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1ab11767-d619-4fc8-bdc0-9c39973188cb
.criteo.com/ Name: uid
Value: c93b3ca0-285e-413a-9c84-b21e7a82437f
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c1be3ce2-1296-5f71-7674-fbd79d4583ec.gRDBzBTBsr9zOd5F67Ymji0%2BH%2F2HKUET9H4T27jOlek
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c1be3ce2-1296-5f71-7674-fbd79d4583ec.gRDBzBTBsr9zOd5F67Ymji0%2BH%2F2HKUET9H4T27jOlek
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Awb484hKWX3F2dPvXnUWD7FFfBSM.j6Vxh%2FxoH2zgmeaR5nWYizdKHL%2FcU5XXVAu6q%2BSiko8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Awb484hKWX3F2dPvXnUWD7FFfBSM.j6Vxh%2FxoH2zgmeaR5nWYizdKHL%2FcU5XXVAu6q%2BSiko8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFQ0djjpesswbzeb2DSNRN8qZEpurb4k442V6ER0u3ydEHwYBCDUhvimBjABOgTa3nmDQgSVkEXF.DrbjtxzwWIKLALB%2FKYHBfHwN4jg9%2Fc7nEk5mZE2kY8g
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFQ0djjpesswbzeb2DSNRN8qZEpurb4k442V6ER0u3ydEHwYBCDUhvimBjABOgTa3nmDQgSVkEXF.DrbjtxzwWIKLALB%2FKYHBfHwN4jg9%2Fc7nEk5mZE2kY8g
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-wb484hKWX3F2dPvXnUWD7FFfBSM&KRTB&23334-wb484hKWX3F2dPvXnUWD7FFfBSM&KRTB&23417-wb484hKWX3F2dPvXnUWD7FFfBSM&KRTB&23426-wb484hKWX3F2dPvXnUWD7FFfBSM
.audrte.com/ Name: arcki2
Value: 969MaRQnToiRg6LGsrRgPxRbA!20220908!1692271444504!ip#81.95.5.35
.audrte.com/ Name: arcki2_pubmatic
Value: 1E9AD575-C789-434E-B4E7-7684BEEE02FB!20220908!1692271444507
.zeotap.com/ Name: zc
Value: 7a73c290-0aff-4260-6dee-d983676cfc18
.casalemedia.com/ Name: CMID
Value: ZN4DVEwaCwBfIjOatYFQKQAA
.casalemedia.com/ Name: CMPS
Value: 3265
.casalemedia.com/ Name: CMPRO
Value: 3265
.tapad.com/ Name: TapAd_TS
Value: 1692271444615
.tapad.com/ Name: TapAd_DID
Value: 3d83cb6a-d276-42c4-b841-092c93920f3f
.gumgum.com/ Name: vst
Value: e_39063449-6c63-4b6e-b9d0-511c97732e5b
.turn.com/ Name: uid
Value: 4138269106523966498
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.gammaplatform.com/ Name: _aGeoIp
Value: ES|Caceres
.gammaplatform.com/ Name: _aUID
Value: 1f38ailjgtm0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4138269106523966498&KRTB&23150-4138269106523966498
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1f38ailjgtm0&KRTB&23446-1f38ailjgtm0&KRTB&23465-1f38ailjgtm0
.demdex.net/ Name: demdex
Value: 62085116018922815660089771698506459570
.audrte.com/ Name: arcki2_ddp2
Value: 969MaRQnToiRg6LGsrRgPxRbA!20220908!1692271444675
.securityaffairs.com/ Name: cto_bundle
Value: EuR6gF94Wk1hRTlBd1J3VURNU0xRNkd6WmtnMFBVVElmUWJ1biUyQm9iTDlzUjElMkJYdkk0RnJ1UklsQTRYNHMlMkZmU2RYVnFqJTJCS1hXQzFPNVplOTkwY2xVVzAycmdkemE3MTZZZXZwdUZNOGptNEt4MmRQeU1XcXhGRExKbXVVbGZiJTJCZ0ZjQjBEdDZsT3N4YUVWS0RDWVJaVHU4dEJGSU42RHFPdURUZk1Sa0VYJTJCVjBpY2clM0Q
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_f51f4502-7d6c-4c4c-82de-6e2f73249c65
.yahoo.com/ Name: A3
Value: d=AQABBFQD3mQCEM84lG48gcS0ON6gYgWBvrQFEv__AP8AAAAAAOAKyiMAAAAAgA&S=AQAAAqw3NF2N-MNkUL91HuLu2-U
.dpm.demdex.net/ Name: dpm
Value: 62085116018922815660089771698506459570
.agkn.com/ Name: ab
Value: 0001%3AOfwnaUemEML%2BCVJNt%2B%2BSKqAu8jxnWtmR
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d8b081b77aaa4476
.krxd.net/ Name: _kuid_
Value: PvYzWw2F
.360yield.com/ Name: tuuid
Value: feb9cd5c-c1ec-41fe-96bb-a57d5dded66d
.360yield.com/ Name: tuuid_lu
Value: 1692271444
.creativecdn.com/ Name: u
Value: mZ3nyFB0GpZRlmsuO8Rx
.creativecdn.com/ Name: ts
Value: 1692271444
.blismedia.com/ Name: b
Value: 64DE035491A33C90C7F1B877BLIS
.mathtag.com/ Name: uuid
Value: ebc764de-0354-4300-a259-67f756b5c5a8
.3lift.com/ Name: tluid
Value: 46094411890339888485
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1692271444%2C%22utid%22%3A%22940fb478f4b481b2207bf42a9144191e%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.audrte.com/ Name: arcki2_adform
Value: 2407697930668253618!20220908!1692271444883
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.tribalfusion.com/ Name: ANON_ID
Value: afnvfMmge06ousnA6MvPALpiLbgOUPexwBdDuOY4aAWaUQ0nUFScX6gjkFEfoH5ZanvJbZcNLyMJBvCxCpngV8AKAuOZdXrFget8EjGjj0Za2MO07A8pGlmi
.outbrain.com/ Name: obuid
Value: 4f6aab10-d5a3-4ddd-bc3d-96304e68578c
.w55c.net/ Name: wfivefivec
Value: 3xTNITwA1QwB6J5
.ipredictive.com/ Name: cu
Value: 74028443-b1bd-4f33-8a88-39ffc4005428|1692271445045
.fwmrm.net/ Name: _uid
Value: "o003e_7268250512229797540"
.mathtag.com/ Name: mt_mop
Value: 4:1692271445
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003%22%7D
.adfarm1.adition.com/ Name: lv_5357381
Value: w=4395096|t=1692271445
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlkZG5oYmJiZGj6C4lvamJuCAAnY9A9IAAAAA
.go.sonobi.com/ Name: HAPLB8G
Value: s85123|ZN4DW
.company-target.com/ Name: tuuid
Value: 5ff12970-bf75-43a4-b869-26c3bdd16b9f
.company-target.com/ Name: tuuid_lu
Value: 1692271445|ix:0
t.adcell.com/ Name: ADCELLvpid10797
Value: 309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%23%23%23%23%40%40%40%401692271445
.doubleclick.net/ Name: APC
Value: AfxxVi4_Faoc2Jvo9WusZA2upywzQJsPmJXU75R1wAFPksIVz33tqw
.awin1.com/ Name: awpv14702
Value: 412871|1692271445|934def80-3cf0-11ee-8c55-226543793aa5
.awin1.com/ Name: awpv20044
Value: 412871|1692271445|935394d2-3cf0-11ee-8c55-226543793aa5
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5MjI3MTQ0NXZsZWExZGUyMDIzMDgxNzEzMjQwNTg3OTkwMzkyMDY1WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWRKZ0tGemY1ZjZEWE1DQkg2SDd0cHRwcEdIeFNnVDRNZXRBbUtNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyOF9XRUJHQUlOU01PU1RMWTExNzcwMw
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023081713240587990392065X117703V1226132702MSviewoneidJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5MjI3MTQ0NXZsZWExZGUyMDIzMDgxNzEzMjQwNTg3OTkwMzkyMDY1WDExNzcwM1YxMjI2MTMyNzAyT
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 20F53F8B478962BD09792CFB4602632E
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2979:u=1:x=1:i=1692271446:t=1692357846:v=2:sig=AQE3tS7ztlLfS5tFBYt1U8MvbnkMVa0w"
.linkedin.com/ Name: bcookie
Value: "v=2&652b6204-35e5-40d8-810b-806fb25e1107"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTIyNzE0NDY7MjswMjFKooGbF5auxF0PyhR76IZPaWSueROkGsIGoqEpW9L19A==
.smadex.com/ Name: smxtrack
Value: feae710e-9c96-4cfd-b55b-27144b5b049e
.smadex.com/ Name: smxbds
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2GUkuZY/X!@wnf-Te9(SNOl[2P<DdDYev[FoySgFSTYdGn!ktD>@ZV1[I+lf#kS_P-HC_#tvC4(XDcQ
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NjA5NDQxMTg5MDMzOTg4ODQ4NSIsImV4cGlyZXMiOiIyMDIzLTExLTE1VDExOjI0OjA3WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA4LTE3VDExOjI0OjA3WiJ9
.pubmatic.com/ Name: DPSync3
Value: 1693440000%3A241_235_227_226_219_197_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1692835200%3A223_15_2%7C1694822400%3A203%7C1693526400%3A35%7C1693440000%3A251_81_88_13_234_176_55_214_21_243_99_54_56_8_204_254_161_249_264_22_166_165_46_71_238_3_233_220%7C1697414400%3A69%7C1693094400%3A63
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1692293047198
ads.playground.xyz/ Name: connect.sid
Value: s%3Asok0Zmq2vg1Bip3pIGIBkl_nPEpfHMHl.SHxvGSz0Z9azKZFBFFwtzElMD2l%2BVNkkcwp4Jxi9v3E
.bidr.io/ Name: bito
Value: AAF4KE7JvAcAACaud8B8Jg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-1E9AD575-C789-434E-B4E7-7684BEEE02FB&KRTB&23413-1E9AD575-C789-434E-B4E7-7684BEEE02FB&KRTB&23479-1E9AD575-C789-434E-B4E7-7684BEEE02FB&KRTB&23505-1E9AD575-C789-434E-B4E7-7684BEEE02FB
.a-mx.com/ Name: amuid2
Value: 55b86fc0-9f55-4785-9dd9-e556c0ed0d7f
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "0cb3dfacc520d43874a3aec2404f3ff3"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.smartadserver.com/ Name: pid
Value: 3100904523491322904
.semasio.net/ Name: SEUNCY
Value: 551C7EACDA16CB3E
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEgOck4JS0xOdnUyCDFxNjC3CTRODE12cjEwCTNOC3NeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR9lnA8AzxAqdw%253D%253D"
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: d63a404b-fbf1-52e5-8367-819ee7b982c9
.betweendigital.com/ Name: ss
Value: 1
.quantserve.com/ Name: d
Value: EGABIQHdKYEO-TC_vLEL7iDtqNEA
.w55c.net/ Name: matchtriplelift
Value: 5
.betweendigital.com/ Name: ut
Value: ZN4DVwAJDGj-m4HEp49CP6bDjUd_Svw6_rL87g==
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %29%7B%BE%DE%C5%0F%D1%1Cc%15%B3%B0%15%C5%E9%D5%08D%0E%7F%AF%9C%7F%10%1F3%98%F8%3E%92+_%02p%23%C5%D8%EA%FD%D8%5E%C7%99%3BzMoJ%CD%F6%BB%F8%FD%29x%E3%B2%86%9A%16a%D4%E3R%5B%11%18%D1%0D%09%83%0E%8Aq%19%7D%9FO%F5%E4T%FCX%FD07%0D%BD%E7%83%DF%A0%88%D2%A4+%5B%E6K%1B%3C%A8%8E%A9%5B%E1%CB%DE%3A%8A%A8%F9%DD%1E%93%98%98%F5%8Cj_%85%D9r%26%E0%D8%BA%12%F6%19KK%15%D1W%89u%07%EA%2B%CB%DD%E5%FFG%11Xa%C7_nH%01%D5%0A%8ATd%21mS%F2%D2%3B%EF0
.smartadserver.com/ Name: csync
Value: 22:2407697930668253618|127:AAF4KE7JvAcAACaud8B8Jg|141:969MaRQnToiRg6LGsrRgPxRbA
.audrte.com/ Name: arcki2_smart
Value: 3100904523491322904!20220908!1692271447740
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAF4KE7JvAcAACaud8B8Jg
.pubmatic.com/ Name: PugT
Value: 1692271448
.mfadsrvr.com/ Name: tuuid
Value: 5a977333-d359-4c83-bf80-cff0723e72a2
.mfadsrvr.com/ Name: c
Value: 1692271448
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692271448
.richaudience.com/ Name: avcid-zeo-uid
Value: 7a73c290-0aff-4260-6dee-d983676cfc18
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1692271448
www.restposten.de/ Name: AWSALBCORS
Value: bHgWo4ksZSyyXfS4XaLu5R3kjXe/hCwi3VTdjp/kORyw9BO8h2lrGAjxRzriMl0DPYoqduqt/16yonOF1NY41oCRqE8uKnwuIazeOsB70PzUjGkrguwhGK8IyGAB
.pubmatic.com/ Name: SPugT
Value: 1692271448

42 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1692264243&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692271442528&bpp=401&bdt=131&idt=688&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7072651159571&frm=20&pv=2&ga_vid=427256701.1692271443&ga_sid=1692271443&ga_hid=1013763069&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076876%2C31077148&oid=2&pvsid=538799672571642&tmod=592097280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=710
Message:
Failed to load resource: the server responded with a status of 403 ()
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1E9AD575-C789-434E-B4E7-7684BEEE02FB&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u.4dex.io/setuid?bidder=freewheel&uid=5cbe9d52294ae63a2431ab76bc435be4
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=eplanning&uid=ALb-MpcF055A7u0A
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=7a73c290-0aff-4260-6dee-d983676cfc18&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Df37e14df79e0be88%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://as.ad4m.at/ad/dr?ed=1hgp7t80j7e098aj2svka5nvxy7d7wt5f41jzfjc7bj5va0m8nqvrrbg9p6frvgjm6bt47vxxkcyx357ezwktk9hwectzgm8b9b003e0h22dnc043gmmty1vzcmp9n6gezj05546qxhwxat9er9qrmp5xm5h37rxqxzatpcfkx5hna1xgpcegfaz3nxa8nywx250xb3j68z5cpjhdmx29vmffqncv0r5b5me0df1rje1r3xxqxfp651beyrqnva2rkgke28aqmpzmg3hn6fwz48e9as5w2yvn5mk8f48cnz2pztvq8cfcgrv9vgt26jyxvwzs0jr210gyhxpd52n1zwchgn1027aah2860hqy595gc9yc2rh4z9gy94g0n765xmzvax5s2k242ph85ztxdzskjvz9zc853kezccba9d6f4qfmjr7x8pyy2wmm7mh2r8cbqfnnzfg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%26client%3Dca-pub-8278416939377896%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security warning URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7(Line 6)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=f37e14df79e0be88
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=7a73c290-0aff-4260-6dee-d983676cfc18&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=2f33f521-1ee1-46c4-757c-14d1e40a86d3&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1kz6jsn8cshzzs75cswsk19829ve0gf4rzf27yjvez60wtk36zqbp2pq5zt5hwyw2nq1fxe3f3184z34nqenbdhptkvffpmmcta44xn8h88q1wx2hhw4rrxa3mhdxss1m45fqjgye3hca3jp7jxmcmepz63kf4k8rygt5bvt5vvw348zmcgfcdq9bmfz42n92vv2tsj4w3a5k9hc1fgx0tck0vhd861ajtzk3vgs20r6wmh8arpbqg0zr4jqhcgczb3dyhgrv2c6c6hd4r1b6n3bm5kny6kacc0q5ft2213kbnktnar1933gye3ss4tb6wq459cw7nk4fvp1yzzx5j1nz9epzeb11xqzq2kkmm3wjp9jpx85jb9ee9acnce7ab4fr5qtymbyafmqrsvtxg8cdbeen711z33x70dgpsjzb0kfk68k50crsymcc66khxzhf4qtww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%26client%3Dca-pub-8278416939377896%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://u.4dex.io/setuid?bidder=appnexus&uid=7459351539056021238
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=eplanning&uid=ALb-MpcF055A7u0A
Message:
Failed to load resource: the server responded with a status of 401 ()
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Db31899ded8ce2225%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://as.ad4m.at/ad/rar?a=175059%2C157265%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CJgKFzf5f6DXMCBH6H7tptppGHxSgT4MetAmKM%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CGgdFBfpf6jZGCKHeHGtBCppJHZSYTJVPTY8zK%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=ce88c192b3f1e0ce9c16159bc9b85813%2F8424617169155200433&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8vk8st6v6ba6ar6x50aknd88y88qtahxyadzwvzjvch5zvefxfzr7n59r9s79g85dtjz5k7q4myebyg06anw9g4mzc59qejf4s9gtp10xxy96x83611zhydf3hd626mj828a7d03d9dg4gksc3t280gjkb5p5qyrnpe9jh728xh45zy7ebjqaw57r1y1h2752st8a9d3fd50rz4bfwjm5ky302n1179rcz2ynt5g2myq7bgzgfsmndfwvfzfvdgxzn58end95yad9vnmtsaam470%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClkMYVAPeZOG2Fpas1fAPgK2lEJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyNzg0MTY5MzkzNzc4OTbIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTDAk_QpvRpCl4eJw8trNIJfIhgtz-jkWKdn-jJz89pt6VUXdj91lwqK9XEqBi6lbMQ_VzPIJFuIt6O1x_ga89cOLqhgkpvg5UfUhIoUVUhynbQXHaZvoAQ7DwGsFiEtpJbFF90icP6Oy-eokrcWL1SaLSocy4xN5ydg_eNvTZE-OoRPwbwpP3I-_V6zyqhYwqsmYhF8ef2zDlzfRdUbwzFB5Xus0fJtGxiOdGTO8aWVlVuKS2zB5g2tjipXGpklmVxjof6NVb-kPnvdzfRW3yTsgxMq3c36OAcJi88dss6w6Zqt_AZHDMxMsvb4ZfpPoRLUeO0rE81-E94Vc9Ty97yUPSLvHdqHWdZSU2WnKLKVFVz_sLBdJLg-rhRIxARtFNypIr6BpJ0QPS2El3hLtvD5uiiYJ5L9fW80A6kJn7CX4jnkI7K4AQBgAbIrsnUusS63CWgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3MqAfFGZEzy1xbkMh2yq5K5JR3yg%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=728&d=90&e=&g=30cde0e5af03cfc80d1e611d648291e2%2F16412209434263918788&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1692271445309&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k1ecaj1mgha3zc89j1v9jv12v16xq0t4fnvgztwvme0tf63mksjern1m8rzbjn0s1efkfve9khf0y9hmqmht78cav4k6n71187xpcwp32qjffc3wvet46tbgk6z2jcd3rf98tffptywwjmts24y74sger8hsffse2f65vyd61zkajz45bb5mv617rpaxcx263v9a0marbab4zvgbwp9xvbag7yq4q4c6ta7phky0vt43dj2zz1jen3mexqtaqyg14jcnjh411rsg03jgb8vgpgt3w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMmmGVAPeZN_MHMzB1fAP5Z21gAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJqQJVgox7DEOyPuACAKgDAcgDAqoExgJP0FzLDdvli6an2nqUPNRZwZMYEazh9gmhHlEA8Io-wJrqRC4fZjwP6D9PtAjfdkAbsYntqQBa0pFJY9D8DInkGF8m70Rd_6pJjCOWowJ3qHwom-21FC5hJsYTeZ-oPZbdGYrLWyjl1R19YnYZecgPW0y5qeJ3YrwS-diKkTVtPQaA2De2e1PgNXnzkceUfvxXwD1rw8TEoBAgVrPmbvFO5IMH19fQtJJ-tBGEbIqzfWICdiOpMLDiOoOmwhWOb2DkgEEaZf1C1fqKR4zO0O53rPx51WPdRs5c252dmPfDPPnGNLQBIq-LA0X-2tjnB2af7lWWmjZ7JIUjOdWbwLqXY-ad406fXFLO1saA5YdgpCyg-5NjCccPBJaRVaDjASS_0mwNLfHU-LRkAZ3eRm7QUFEK0g9g6pXmaRE4lvhIodnSphFY4uAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Hq-VAuUD65T8Gsz1-x2Y2kh5Kkw%2526client%253Dca-pub-8278416939377896%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7a73c290-0aff-4260-6dee-d983676cfc18&reqId=bf3fedf8-f5dc-4504-70da-ee67f6044a73&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://u.4dex.io/setuid?bidder=unruly&uid=RX-19f78d4c-a502-4260-bdfd-fa738269cfdd-003
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=triplelift&uid=46094411890339888485
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=triplelift&uid=46094411890339888485
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=triplelift&uid=46094411890339888485
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4DVEwaCwBfIjOatYFQKQAADMEAAAIB
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)1E9AD575-C789-434E-B4E7-7684BEEE02FB
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://u.4dex.io/setuid?bidder=smart&uid=874074812146396405&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u.4dex.io/setuid?bidder=smart&uid=3100904523491322904&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_39063449-6c63-4b6e-b9d0-511c97732e5b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ca911fa4d5b659b8775e85a6838b82e.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.w55c.net
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.vlitag.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
buttons-config.sharethis.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c3.a-mo.net
cadmus.script.ac
casale-match.dotomi.com
cat.fr3.eu.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
cms.quantserve.com
cookies.nextmillmedia.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
csync.loopme.me
cti.w55c.net
d.adroll.com
d5p.de17a.com
dbt.adition.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.active-agent.com
dsp.adfarm1.adition.com
dspcluster.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.e-planning.net
i.w55c.net
i0.wp.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imagesrv.adition.com
imasdk.googleapis.com
ipac.ctnsnet.com
is.dopascalls.1und1.de
l.sharethis.com
lb.eu-1-id5-sync.com
loada.exelator.com
loadeu.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.vlitag.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
platform-api.sharethis.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prg-apac.smartadserver.com
prod-rtb.ad4mat.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.vliplatform.com
r5---sn-4g5edndk.googlevideo.com
redirector.googlevideo.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
securityaffairs.com
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st.pubmatic.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.adcell.com
t.adx.opera.com
t.hspvst.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trc.taboola.com
triplelift-match.dotomi.com
u-ams03.e-planning.net
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
useast.quantumdex.io
usermatch.krxd.net
usersync.gumgum.com
ws.rqtrk.eu
www.awin1.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.restposten.de
www.telefonica-partner.de
x.bidswitch.net
103.132.192.30
104.18.25.185
104.64.126.246
104.80.244.96
108.156.64.218
13.227.219.46
13.248.245.213
134.122.57.34
141.94.161.158
141.94.170.77
141.95.32.71
142.250.185.194
142.250.186.102
147.75.84.158
15.235.15.221
151.1.205.165
151.101.2.49
154.58.197.185
162.19.138.118
162.19.138.119
167.233.13.224
168.119.72.236
169.197.150.8
178.250.1.11
178.250.1.9
178.250.7.9
18.135.31.191
18.239.94.69
18.66.196.54
185.15.245.81
185.184.10.30
185.184.8.90
185.29.134.244
185.64.189.112
185.64.190.80
185.64.190.89
185.64.191.210
185.80.39.216
185.86.138.121
185.86.138.151
185.86.138.153
188.42.34.64
192.0.76.3
192.0.77.2
193.0.160.130
193.3.178.1
193.3.178.3
193.3.178.4
195.5.165.20
198.47.127.19
198.47.127.20
2.23.197.190
2001:4860:4802:32::36
202.241.208.55
205.234.175.175
208.93.169.131
212.82.100.182
213.155.156.184
216.52.2.6
217.79.188.11
217.79.188.12
217.79.188.4
23.213.161.138
23.35.236.201
23.88.86.2
2600:1901:0:76b9::
2600:1f16:e61:3f00:6418:3db0:a56e:6f03
2600:9000:211e:2200:1b:5138:8a40:93a1
2600:9000:224a:c600:c:abe:f440:93a1
2600:9000:2315:5e00:3:4706:a6c0:93a1
2600:9000:2491:a000:1b:f040:3600:93a1
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:2560
2606:4700:10::6816:3456
2606:4700:10::ac43:15e3
2606:4700:10::ac43:db6
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:8cd3
2606:4700:3037::ac43:9e3b
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:18ad
2606:4700::6812:372
2606:4700::6813:9e13
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:23::a
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a00:1450:400c:c07::9c
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:cb40:200::242
2a02:fa8:8806:13::1370
2a04:4e42:400::300
2a04:fa87:fffe::c000:4902
2a05:d018:24:b001:ea7e:ead4:fe95:47ef
2a05:d018:cc3:fe05:4270:c547:791f:3f
2a05:d018:d29:3605:5fd4:6fb0:e48:6d7e
2a06:98c1:3121::3
3.120.67.215
3.122.33.96
3.124.181.128
3.124.27.97
3.127.92.109
3.33.220.150
3.66.201.159
3.71.149.231
3.9.45.49
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.149.40.38
34.160.236.64
34.241.170.80
34.247.233.198
34.254.143.3
34.91.62.186
34.96.105.8
34.96.71.22
34.98.64.218
35.157.224.148
35.186.154.107
35.186.193.173
35.214.167.175
35.227.252.103
37.157.2.234
37.252.172.123
44.205.87.2
46.228.164.11
46.228.174.117
50.31.142.159
51.89.9.252
52.16.101.30
52.17.146.181
52.201.180.243
52.207.126.75
52.222.139.7
52.222.139.78
52.222.208.154
52.4.169.33
52.46.155.104
52.48.185.171
52.48.19.12
52.6.72.62
52.71.238.40
54.154.110.236
54.154.162.251
54.157.243.229
54.229.208.26
54.83.175.63
63.251.232.165
67.202.105.23
67.220.224.144
69.166.1.66
69.173.144.138
69.173.144.139
70.42.32.95
77.243.51.122
8.2.110.24
80.77.87.162
82.145.213.8
84.200.5.215
85.114.159.118
85.114.159.66
85.114.159.67
95.101.149.233
98.98.134.241
98.98.134.242
99.81.48.56
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e9b01c66b444e890378db9d97922a8a76cda78ab90265fe726836e8b7bf276
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0844f9c0583891902cccc7829921a0a4d2605e7061ced2496a02cb8170e2a245
08b2adb7bea8385de91029fc75acff41eb5892ac13fb94228370d78b2483624d
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a51b3c32576974ef48aa7c6bc2cd9b881ff3f229c90aa4d7fe9983c4842bbdc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
0cd61ca0724c74a1e9510b77c5f66ebe240576cc95bf77cf02fa5227fa53ca1b
0e84490029864ebfb264463dd1ea5121716356042348954c60e37902b91c6146
0fcdea3b84f02b2c125b635c8c111865599a7115e02706053f42ed879d6609f0
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
10f15bc9a806101afcecfafaeab2fb9e5e3a493872e23e12ee62c28e18841332
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
15457c8a7b18fd0a3ec329c78a7c9d5053b4b3f2ebf1a4ed998462dbd668bc6f
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
16e5ba3dfcd97cd7f52ee974e66a8f30bdc2f1b565bcdc7a6db66185c82a05b5
1762aa694c7f63b11890a82485497e9cd1a82458df8ac9c9399dd51b89e19694
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
192ca79a21efa14b1eb960814f3bf85049fb8c7bfc07ded62de399f0fac109f9
1a49383956b0c309324f9e51dff3d3f015ce1be14d068832ad5354eac76b728f
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1bfb002bd9ffeb6d79cce44383d23a4f4bef1ba8b328338486d6aadd5089d12a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d886af5ec20b49cb2f904d7e16b7b13666098cca9ca60275b9d38d59e55e0fa
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
1ff3da9a9c791b08a5ad0806e78b3e009e025955c47f4f2cf6f00f4d233885f5
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ba7c2311986ffb857dac36c0269f59bd9eb78fbf7435f2a2ebe5ba3af6fb9b2
2c3337118e0931cb2d981cc3c320b4a0d8a488a815ba902d72a197254ab12628
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2dc6cc0603c763b90a6cf75c2459c3cfa25b12db26d951136f1095d75541e765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6015e919f39b1ce550db25b1005c24ae19177227a39fe1ac1221356971bb34
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3021738458f239a69da9a30d187077a21d03bb2240aa2ebe8facc4330308326a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d27078f7ffee671cfa393516ea7af971b8602ebe09fb751a2bb0c19ff6ddd4
32a3422a74af7d747de4ac5565752364302c87f16f4f546cf2f9473626d7df8e
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988
3397252c470ca9e2a2b2b1ac0219b670ca83a4fdaeebe2a4d77ce6583a2d8303
35300af449794bc2039402103b1593ee932a1aa8e645922ae7811058e736517e
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
358540e12d98567a2ec53c2ba13ebc2328a6d90540918ca80e1d7505ced05464
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
379929bd1ae1d86a938b9aef0acc8a4b653051077654ffe733283a923bc18f69
38341e14f900466d968ea8a1316215d4e6dbd9b153638a2b01c46e993d1f7be0
3b78d7040fc83096eef95b7e1b718fc871043655105aabda284b8b0b13417acb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f96ad1b2fc8befcefc3a193034790288c16535c8e5ff66492f0285f95baf209
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317
428088df3e711d793bf71c25e738adb7e210f43014809bb311f2e1fa182bc6ed
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4728543143887e2e3729f6bada9b14a3ac96ff1940174355699556fcb849b2f1
4751293cf130da3364382eb92608b62bcf4306a844fb045822b78eae44848b1f
47d8dabc70c62f44afef6ddc54356b49f16ed6b4f01b306f519f63c7a1283f79
486b694c4933bf0e1a51c429bdbd97e80ac818f4005c89885800230da524d4de
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c038b9fd76a627ea107efde07626d8de392f7eb92b847a198327dbdc42bfc35
4c1ee06e239e0c691b9089a6d9f8ba0ae38caf44ba41671d16c80821d55a7f99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f6d12bda9c66d3ed2e0cea8d29bc5e2adbb8d915dc54956c43d2fa326f5a401
52111f9e6db1ec361845d907da70d0ef22220d0c4981103c3b880828b730fd89
52e0b32d3349a2ac40d165101d466762caa775d197d4b0849fd4b50f453b0ff9
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
5427592bb5ce5e461aa4257804b39a73ab9463d37f93ac73b2d6f9d26b834195
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a4b91db2f74091861110e9a977d736468738c0d3c651176837ff60e6e4b005
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602a2fd4439dca6f5660a8b4c60de61e7fb2faf087a1e5c3535cf80e6bda837
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5c44aa2e6abb9460ec8174777e99be9e3e539c6cdb55c5054fd707ed22d1365f
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
5f81477562243cff0c56616fd2a1b40a7f1c229ecdb950eae4e5e119234344dc
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
6153cb23a6f7eb567426b35b81b705af87b533e24da18e5b375196b03de6160f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
65d5e5c925b1796dac80ffd44df71db4a59753224cbfd3a254008ff381d3022c
6969bdf88a5cce710189e26a5b582a593cbfc5d6c5c0c4d1c29bc70566837677
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b61ba2731b2d5b0c331a0b8956f40382c28856d78322fb74eff0cc539d889b2
6bd98b33b740f56107f4f82232381aa47299017e5d406441d7a1ada02c50da9a
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823
6dbac956ac0824fccac32081f23ce182a6b707159b24b35340dfcb43ff9db5e0
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
71d4dcf1b44c272b813c5da48f80e4e977bd2a1aedbd89d4a3c1792c2123403e
722c03b47c6713a77185c402bd2a4b52ceace439ce2821dfdb72e8720b3ba78a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74d27ee9b7bfd761b73e71c90baffa31a5060d2232f969678ce988cef9ceb0db
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
75cb64f6fb01f8ff69747b4d466b4b3fdcd778fa31005e1be1d1b81de379799f
75f4ffa37f1248e72a8a1694f0ddda6a01e8a9de7762db4e5e45839577f898a1
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7735586823a20c6cc7db8ac8d34a2b31c75d324240c014f719761935ca7a1880
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
790402e3824b48ca388555d4eaa06a555ab5e118149f652a4393906129b1945b
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
7d060d8420c1c7cf908cb32ac0bf231e12a5bd26027bf2ce8bb2a0dde8192cd9
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8440b44df37920c5154e5bede3975fdb0edde35b4c6f8029b81a7e56166c0495
88400ece0824eb5322a437984edfb5b0c752a92af7efa7d5970fcb161c8721eb
88cad8e2e9b1b523fde0011415b95565247ed420df3d11c33212115cf974a23f
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8c2488b8fea1a0d0951af61a3f55c92d707bdf4a673b35d305d93661fb777eec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
90bf9270a48475f96375e66c516362c4e8965a5ca3875c614d00a72a8d264b19
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
93030b8225c244b961f2918dcc27292195efef8eb0ab969f535aa2ab329e7486
935309674176a5794193c0841af92c9d2f196d4cce2c6875f4303d6c5866abf9
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99734dcfce77b3d9c7555659b0e92798bee3e15a5f244da8c97287bad050d7cd
998f0baa7d1a0cc1b16c41081a32b856713de102e2447b1828c0f8266e149cc6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
9e6472abb172d5422952dae0b91c3adccc62de9e61b048662c060a320f7ba285
9e69faea43075d0fe6eada0bbf39b44fee0ddf2d63ed00efac4099fe6d405dc8
9f1127da826eac2c1865978de2f8e3f7923abae3ad9b1fada5037b9252190437
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a116acc9eec96d79791282dc50f9ec924d9ebc91aaf0fc4558b36566ef973d1b
a1f291c7cd6d5a518e48858f44b210da38d95fdd51c3d7bddc640246ff9d6585
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a58d1143a9394f92135af0e5cae0b69df99d2bddf8bec65674421f6944772598
a5c159ccf8b6fdfffad548013be4fda608eaec863ce4c2f657c3cbeb6365f724
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7fc1831e545e1630c2a6663a733fc8c16422cf3e4647afba3715703292227d7
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b3b7bc072fa5a0e6941517740695cd57e6de650aede4d0508604deb9a6c3cc26
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b79ba8d8ab78904ad0799b7c920016a4bd8796d2523a48a591d51ec968d6c4bd
b7d46543dfd80c39294fce03e81be58efe46741904ca7dce630461d50c61d6dc
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3131ef675d16c29212b875800c84269adaab5e3b174f528b6947dc8ad8791e
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bcdbea32acde591b45eaa9f9b943fd57fa384ea2a2156629196f6bd8867c9406
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d
c16a5200a698489cf33d3f902021c2454845ea9fe452b32ef0ab39705100c3a9
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c3eba5a82257dd5134b9122c906f06aa9e9f60ae582f648cca486cb9bb979b72
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c50826cdb497c6a342ffa838f3d57b31e245246f4493af3994f6e8d458044bde
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
c9f7b3cab2e1ad7ca00d3037abe468d8e3bb8fc008eaa083405a8cc90a8ddab9
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbdd744652a0996e4783197fe2396762405a851da4ad61cb6f373e5896efca94
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d47adb54c911f5d491a851513106656a0ad00dc15ccd7c0661012749e588b22f
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
dcaf40045435742cc7a12ec52a5d37e57acb5ef551140df4443c3de9c84e63a1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e0c07542f764ac7a8023298a111647a7217c67ff7ac391a73a52ed5c4c3db4ac
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e0dde4b2146a370deb629e667ba13721d8bb050d3ad18eb2bc1ffdb3c0271d33
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e84e0083068d9e569536a3d3f2457455d4525c8e993c7a151e7e7c218f44959b
ec220e0c50cbe44662343fa05040645edeccb7fc4643da3bbec76c7110d17017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60ecae90e87144b6346fe1f031774dec3be996a48d8cf5e1b2c83b42508b46
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f2705aeb6c87ef92c1adc8a320a224a2dc9ae39eaa30f54fb7b49b2e95ede221
f301466fc57b3c08828a15dde7fac0eb8ae941d4884bb6caa10f626f615fb6f2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7b8b50ec3d6b55c29ac046a55b597e1f951cd9e6093bb7badd4d233920ddd71
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fec4890d19efd8e5bfa0a46e7a1898ee9a78db6d4b5237a8f52bc8822fc73c27