www.pinturillo2.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pinturillo2.com/
Effective URL:
https://www.pinturillo2.com/
Submission: On December 01 via api (December 1st 2023, 4:30:35 am UTC) from US — Scanned from NL

Summary HTTP 173 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 65 IPs in 10 countries across 63 domains to perform 173 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.pinturillo2.com.
TLS certificate: Issued by E1 on October 4th 2023. Valid for: 3 months.

This is the only time www.pinturillo2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:2e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:9325	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:264... 2600:9000:2644:ee00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:aa00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:780... 2a02:26f0:780::210:a440	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.219.15 104.18.219.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	104.22.75.216 104.22.75.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	18.158.216.196 18.158.216.196	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.30.181.208 52.30.181.208	16509 (AMAZON-02) (AMAZON-02)
11	54.76.1.136 54.76.1.136	16509 (AMAZON-02) (AMAZON-02)
5	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
11	104.18.43.178 104.18.43.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.7 13.32.27.7	16509 (AMAZON-02) (AMAZON-02)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.255.245.69 34.255.245.69	16509 (AMAZON-02) (AMAZON-02)
1 2	81.17.55.122 81.17.55.122	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:600:1f:4c18:bd40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	34.203.168.193 34.203.168.193	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
1 1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	18.235.74.4 18.235.74.4	14618 (AMAZON-AES) (AMAZON-AES)
2	18.195.110.104 18.195.110.104	16509 (AMAZON-02) (AMAZON-02)
1 1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
9	52.210.15.1 52.210.15.1	16509 (AMAZON-02) (AMAZON-02)
3 4	18.197.187.29 18.197.187.29	16509 (AMAZON-02) (AMAZON-02)
5 5	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.209.112.6 54.209.112.6	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:d29... 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3	16509 (AMAZON-02) (AMAZON-02)
1 1	54.161.205.127 54.161.205.127	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 3	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
5 6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	211.120.53.200 211.120.53.200	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	89.149.192.201 89.149.192.201	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	141.95.32.71 141.95.32.71	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	34.255.40.44 34.255.40.44	16509 (AMAZON-02) (AMAZON-02)
3 4	2607:ae80:192... 2607:ae80:192:1::172	() ()
1 1	18.134.84.16 18.134.84.16	() ()
3 3	52.210.176.42 52.210.176.42	() ()
1 1	213.227.153.222 213.227.153.222	() ()
173	65

25 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pinturillo2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:2e8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9325 (United States)

ASN13335 (CLOUDFLARENET, US)

game-cdn.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
devs-api.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:ee00:9:46dc:4700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:aa00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a440 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.219.15 (None, )

ASN13335 (CLOUDFLARENET, US)

geo.poki.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.75.216 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.216.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-216-196.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.181.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-181-208.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.76.1.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.245.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-245-69.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.122 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.255.110 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:600:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.168.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-168-193.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.74.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-74-4.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.110.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.187.29 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-187-29.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.26 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.112.6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-112-6.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.205.127 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-205-127.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.255 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.200 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.149.192.201 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.40.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-40-44.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:ae80:192:1::172 (None, ) 3 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.16 (None, ) 1 redirects

ASN- ()

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.210.176.42 (None, ) 3 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.222 (None, ) 1 redirects

ASN- ()

b1h-euc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	pinturillo2.com 1 redirects www.pinturillo2.com	138 KB
15	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	46 KB
12	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2371 public.servenobid.com — Cisco Umbrella Rank: 5655	8 KB
11	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1524 usersync.gumgum.com — Cisco Umbrella Rank: 1858 rtb.gumgum.com — Cisco Umbrella Rank: 1472	4 KB
11	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 4765	25 KB
10	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 ssum.casalemedia.com — Cisco Umbrella Rank: 1351	7 KB
9	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	168 KB
9	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	72 KB
8	inmobi.com 1 redirects cmp.inmobi.com — Cisco Umbrella Rank: 3926 api.cmp.inmobi.com — Cisco Umbrella Rank: 12882 sync.inmobi.com — Cisco Umbrella Rank: 1442	209 KB
6	smartadserver.com 4 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 742 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	3 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793	24 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610 secure.adnxs.com — Cisco Umbrella Rank: 478	32 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
5	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628 mp.4dex.io — Cisco Umbrella Rank: 2346	25 KB
5	poki.com game-cdn.poki.com — Cisco Umbrella Rank: 25750 api.poki.com — Cisco Umbrella Rank: 26473 devs-api.poki.com — Cisco Umbrella Rank: 28003	71 KB
4	stickyadstv.com 3 redirects ads.stickyadstv.com	3 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	593 B
4	zemanta.com 3 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586 b1h-euc1.zemanta.com	2 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	1 KB
4	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2147 cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 931 api.btloader.com — Cisco Umbrella Rank: 1000	24 KB
3	bidr.io 3 redirects match.prod.bidr.io	1 KB
3	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	566 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 835 ap.lijit.com — Cisco Umbrella Rank: 650	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 564	883 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 491	675 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	69 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
2	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258 usermatch.targeting.unrulymedia.com	465 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1053	104 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1018	1 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	44 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 15619	197 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	149 KB
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net	595 B
1	360yield.com ad2.360yield.com — Cisco Umbrella Rank: 11022	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 1982	104 B
1	rqtrk.eu wt.rqtrk.eu — Cisco Umbrella Rank: 1499	350 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	508 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	623 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901	514 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	701 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 501	541 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 925	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 836	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	media.net 1 redirects hbx.media.net — Cisco Umbrella Rank: 1215	287 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1557	276 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 751	234 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 951	399 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773	434 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1750	134 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 6250	524 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 487	126 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	2 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1814	46 KB
1	poki.io geo.poki.io — Cisco Umbrella Rank: 167114	216 B
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 3555	588 B
173	63

	Domain	Requested by
25	www.pinturillo2.com	1 redirects www.pinturillo2.com
11	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac elb.the-ozone-project.com ads.stickyadstv.com static.cloudflareinsights.com
11	ads.servenobid.com	api.adinplay.com public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
9	usersync.gumgum.com	g2.gumgum.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	cm.g.doubleclick.net	5 redirects g2.gumgum.com
6	eus.rubiconproject.com	cadmus.script.ac public.servenobid.com eus.rubiconproject.com g2.gumgum.com
6	cmp.inmobi.com	www.pinturillo2.com cmp.quantcast.com cmp.inmobi.com
5	c1.adform.net	5 redirects
5	onetag-sys.com	api.adinplay.com cadmus.script.ac public.servenobid.com
4	ads.stickyadstv.com	3 redirects elb.the-ozone-project.com
4	match.adsrvr.org	g2.gumgum.com ssum-sec.casalemedia.com elb.the-ozone-project.com ads.stickyadstv.com
4	x.bidswitch.net	3 redirects g2.gumgum.com
4	ads.pubmatic.com	cadmus.script.ac public.servenobid.com g2.gumgum.com elb.the-ozone-project.com
4	ib.adnxs.com	1 redirects api.adinplay.com
3	match.prod.bidr.io	3 redirects
3	token.rubiconproject.com	eus.rubiconproject.com
3	rtb-csync.smartadserver.com	2 redirects ssbsync.smartadserver.com
3	b1sync.zemanta.com	2 redirects ssbsync.smartadserver.com
3	sync.1rx.io	3 redirects
3	ssum-sec.casalemedia.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	hb.yellowblue.io	api.adinplay.com
3	fastlane.rubiconproject.com	api.adinplay.com
3	mp.4dex.io	api.adinplay.com
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	api.adinplay.com c.amazon-adsystem.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	creativecdn.com	2 redirects
2	us-u.openx.net	2 redirects
2	match.sharethrough.com	public.servenobid.com ssbsync.smartadserver.com
2	ups.analytics.yahoo.com	public.servenobid.com
2	p.rfihub.com	2 redirects
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	script.4dex.io	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	ad-delivery.net	www.pinturillo2.com
2	securepubads.g.doubleclick.net	api.adinplay.com cadmus.script.ac
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.poki.com	game-cdn.poki.com
2	code.createjs.com	www.pinturillo2.com
2	game-cdn.poki.com	www.pinturillo2.com game-cdn.poki.com
2	api.adinplay.com	www.pinturillo2.com api.adinplay.com
2	www.googletagmanager.com	www.pinturillo2.com www.googletagmanager.com
1	usermatch.targeting.unrulymedia.com	elb.the-ozone-project.com
1	b1h-euc1.zemanta.com	1 redirects
1	1f2e7.v.fwmrm.net	1 redirects
1	ad2.360yield.com	elb.the-ozone-project.com
1	id5-sync.com	elb.the-ozone-project.com
1	sync.inmobi.com	1 redirects
1	pixel.rubiconproject.com	elb.the-ozone-project.com
1	prebid-match.dotomi.com	elb.the-ozone-project.com
1	ssum.casalemedia.com	1 redirects
1	wt.rqtrk.eu	ssbsync.smartadserver.com
1	cms.quantserve.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	tg.socdm.com	1 redirects
1	rtb.gumgum.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	g2.gumgum.com
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	hbx.media.net	1 redirects
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	ap.lijit.com	public.servenobid.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	acdn.adnxs.com	cadmus.script.ac
1	public.servenobid.com	cadmus.script.ac
1	hbopenbid.pubmatic.com	api.adinplay.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	ad.doubleclick.net	www.pinturillo2.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	cadmus.script.ac	api.adinplay.com
1	region1.google-analytics.com	www.googletagmanager.com
1	geo.poki.io	game-cdn.poki.com
1	devs-api.poki.com	game-cdn.poki.com
1	cmp.quantcast.com	1 redirects
173	95

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.youtube.com
www.facebook.com
twitter.com
chachiware.com
gametronia.com

Subject Issuer	Validity	Valid
pinturillo2.com E1	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adinplay.com GTS CA 1P5	`2023-10-19` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
the-ozone-project.com E1	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.pinturillo2.com/
Frame ID: FA29E0AF0379CA2FB40BC95AD4AF1DA5
Requests: 87 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 68E368C841237742F4F714FA1F819A50
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701405031888
Frame ID: 6E0CD02FF660F1BF43A76FCA00539DBA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Frame ID: FB6C02DD90D3D17B58C2B926C106F2D6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 22CF98C60960DC70224784DC5ACB0065
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Frame ID: BDC3C851CC86A81118654082211AF748
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A68740CA35BF21B84C9CABF8F9BA540D
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 125BCBBED530F24B992F8B6E7618E3EE
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 382E569A6EB71CE2A501BD614E8CE27C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 9CA97308B2C396CAB570DF0DA23B0EA3
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 926248052F462531E1DD4511AC624E6B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 59E28B5475E1404CCF4494DB5BD284EA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 5D385D420492D5A81B58098BDF34CB95
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 6D3079584B4ABD16BBEC07AF17881B81
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: D45B3FA2F4546CB5A34C29E4683FC623
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 6B6B2A9AF7921E5C0165489DA7D332CD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=3768262400588959971&gdpr=0&gdpr_consent=
Frame ID: C1FB6F704987F3F7D214FE40DCA61FEB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 332843C858D5643C41282DD429028024
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F9E489A9CA7BA33E5859A76A49405DD4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 90C5890AE157FA0B32B671FF9A00DA8A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZWlhacCo5s8AADDalogAAAAA
Frame ID: A6050224574D06B152B6992EFD840ECA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=f145WnNEE2Q7jDE4TAca80AeHXzAbRrbljYmQJV5vcA&pi=gumgum&tc=1
Frame ID: 160979A7D7A93A4F8916E1703991D3A7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 102FBE61635B758D986F24D2D8D3D2AB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 9503935DA4444B224B24E826F16EB8C5
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 69F196CD3A056B2C6F97CA9BA3F65F76
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 1B7E93BC3DBF6ECC4EEDBBC93120E668
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Frame ID: 6892B425B0C0D7402E12355E0ED6AC20
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Frame ID: E266EFD48A3A87E7A5D8CFE6EDCB2678
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Frame ID: A6E927CA8251C4C4A3B882FF95D11BEF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pinturillo 2 - Draw and guess multiplayer online game

Page URL History Show full URLs

http://www.pinturillo2.com/ HTTP 301
https://www.pinturillo2.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

173
Requests

82 %
HTTPS

26 %
IPv6

63
Domains

95
Subdomains

65
IPs

10
Countries

1447 kB
Transfer

4621 kB
Size

65
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/es/app/pinturillo-2-lite/id460939125

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=air.com.pinturillo2.pinturillo2

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Pinturillo2Game

Search URL Search Domain Scan URL

URL: https://www.facebook.com/playpinturillo/

Search URL Search Domain Scan URL

URL: https://twitter.com/share

Search URL Search Domain Scan URL

URL: http://chachiware.com/terms/
Title: Condiciones

Search URL Search Domain Scan URL

URL: http://chachiware.com/privacy/
Title: Política de datos y uso de cookies

Search URL Search Domain Scan URL

URL: https://gametronia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pinturillo2.com/ HTTP 301
https://www.pinturillo2.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cmp.quantcast.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2

Request Chain 99

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 100

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 105

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=3402031402323856551

Request Chain 106

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HvxOrRZHXagg3ItfQ4qadTSz

Request Chain 108

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1701405032354 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5396580654 HTTP 302
https://sync.1rx.io/usersync/turn/8976263294276042660?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003

Request Chain 109

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5144588527800874570

Request Chain 111

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 113

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-c9f7d61f-f6ac-3e6b-bbc2-b88695dee598

Request Chain 116

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 118

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=6465168667233275546

Request Chain 120

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=3402031402323856551

Request Chain 121

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b9ba27f0-297b-47d8-99da-d30b551d7695&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b9ba27f0-297b-47d8-99da-d30b551d7695&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=130854716378443416&ssp=gumgum2

Request Chain 122

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=a6c66d9b-65a4-4fe9-9c83-fecbd9525a5a

Request Chain 123

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-80dc48f5-e2c3-5d5d-7b5d-0ac1cc4cd6ce$ip$95.211.95.242

Request Chain 125

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=2afa8cb6-169a-44bc-bc35-b759cc315691

Request Chain 127

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b9ba27f0-297b-47d8-99da-d30b551d7695&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_b9ba27f0-297b-47d8-99da-d30b551d7695&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=ppLZszKqHkWqeEzkOk1N&gdpr=0&us_privacy=1---

Request Chain 128

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=4zUfL6AtkiWQ&ev=1&pid=558355

Request Chain 129

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=3835336827270385357

Request Chain 131

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=3768262400588959971&gdpr=0&gdpr_consent=

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Request Chain 135

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZWlhacCo5s8AADDalogAAAAA

Request Chain 136

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=f145WnNEE2Q7jDE4TAca80AeHXzAbRrbljYmQJV5vcA&pi=gumgum&tc=1

Request Chain 137

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWlhaAC2lfCI94rAs.o3ggAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZWlhaAC2lfCI94rAs.o3ggAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIm0wO8mQGL5Rx_o9_x3jJc&google_cver=1&google_hm=2

Request Chain 139

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO6z1AIwPSgzCrigrUf4k1w&google_cver=1

Request Chain 142

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828472830575

Request Chain 143

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZWlhaAC2lfCI94rAs.o3ggAA%265260 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cb909d12-5f8f-411e-bf41-49c3fc8541dc

Request Chain 144

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4352546796036031277&expiration=1702614632

Request Chain 145

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=284FE48CD8174C86848521C8730295A1

Request Chain 150

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3835336827270385357&gdpr=0&gdpr_consent=

Request Chain 151

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=r2Y5Uq9iOVO0Mm1YoTEiWK8wNwm0aj4K_WF3iAeW

Request Chain 153

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3835336827270385357&gdpr_pd=0&gdpr=0&gdpr_consent=

Request Chain 155

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZWlhaAC2lfCI94rAs.o3ggAA%265260

Request Chain 162

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Request Chain 164

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=770be4cc-48a4-48ea-823a-61cd039ba4e1

Request Chain 166

https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f43379bf26d7b6dca624e1ee6f3aef19&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1031_7309178828536227718&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?userId=AAAs5U7K0sMAABSguLs8dQ&dataProviderId=817&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0

Request Chain 168

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://elb.the-ozone-project.com/setuid?uid=AAAs5U7K0sMAABSguLs8dQ&bidder=beeswax

Request Chain 169

https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D__ZUID__ HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone

173 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pinturillo2.com/
Redirect Chain

http://www.pinturillo2.com/
https://www.pinturillo2.com/

5 KB
2 KB

118ms
70ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c96e722ab67adda3fac5cfc59323067e01a1b1cc7b13b27262ee3736009df6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e8984998d30bab-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 04:30:26 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSPbxTp8CLjU7zydja7xkrqFrHD6sEVlWgS%2F44r00IcHAK6nf7wLk0McjwfO0cpyZkkWv4%2BuOivaPA3T5JAw5zoYiOkZcX43%2B40K31oZ2DyZmxSuQPd4mQ1SBlV8oynqaQl5OgUV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82e89848a9d32bc0-FRA
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Dec 2023 04:30:26 GMT
Location: https://www.pinturillo2.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urcNVEPiDptg%2FOJkqDUbDrIrNZ639q%2B7wpKqV3pj14vOPKTuouSApUVaUji6wUv0s9seWGBwxf7Ol%2BOBOt%2BYdJbnACpyxrP37I8cSllSHpGmQR%2FrW6ulwqF4Jc9OmQBQVidb2zNz"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.pinturillo2.com/w/ 3 KB
1 KB 159ms
157ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/w/style.css
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869033bc075d8d55bd21ad79a0e7973a3f6be24d21c6dbf0bdd83131c3d6f4f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaTByjPpWZ1KpD3yvDSV7PN1K%2FaqpJhcqzF8TSfgI5ivN1o5fe%2F4FZo8Pb7yp%2F1pBv6uUynWqSddOxHMGFEVllUds6SgJt3SQTmctBzqVT%2FGcCusz9fx7K9xHIWaXlAzobMbauVY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984a19330bab-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 js.js Show response
www.pinturillo2.com/w/ 6 KB
2 KB 162ms
160ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/w/js.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2090fd7a1e65a23aa5daeb05a0ae69dd42cc4c60d407717cc50a031c4b5a1758

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs7OJb8bFSlUqpJws3LZkJwCH%2FHicgfDLbWINJ6woR9z4m4P1mMcByl7vcpwb4I8f%2FxFTLYd7QyoVhCKGANseL8%2FSB1JhmI7I7ADcYIwh9%2BZFdFjGQ1DSvRkkMl%2FJTCSXTCCyglb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984a19370bab-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 626ms
54ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6337473-3

Requested by

Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c10214337f6946c6c76ecce923a825961d40f2c879f38140c67ae7afe6ae2944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 04:30:27 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/ 634 KB
196 KB 711ms
139ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cfcfe057d1a55db988e17d9cf12a8b215e40341040b6623a57ee9990d1cdc75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 08:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"656841ef-9e9f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvmKTl2UyflI7nBHK6VE%2FtSv1Ui7srD0bStOeiiHey03%2FKJzYADU%2FJQlOtTC9v7ymfhGIZQB8gzUmdvImBwiFUFYWGQyZCu6tFGQBlJ0x%2Fk1C%2FZYJuWt8GBbaojacE56Qvvq%2BP6KSINbptrHwGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-host: adinplay-1
cf-ray: 82e8984eafb718ed-FRA

GET
H2 200 poki-sdk.js Show response
game-cdn.poki.com/scripts/v2/ 4 KB
2 KB 88ms
27ms Script
text/javascript 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game-cdn.poki.com/scripts/v2/poki-sdk.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345e266210fd1988d4a70630c3730b28277d82ea76e5533901fe7b4c3c72e416

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:06:14 GMT
server: cloudflare
x-amz-request-id: 138AB6BE0YC1XFS7
age: 291
etag: W/"24d9993e64545dca8eb2b9631c52316f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=600, stale-while-revalidate=10800, stale-if-error=86400
cf-ray: 82e8984a6ed0997b-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XRN4jNTQPEWSVmBrQoO0kIPQ61W4lloALuqiyHH9xw51yMLFw5U12/op/c9fqHedw17P1ma0I/oQwA8Ne/qOJQ==

GET
H2 200 logotop.png
www.pinturillo2.com/webm/ 11 KB
12 KB 148ms
147ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/webm/logotop.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e445ddc0b5c15f3cd8b3cb7bdc0a8f8c8ca8f0a832f3c91107573dc927ab7143

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYkTyQKNRNgdAOkNz23CW%2Fq%2FEK39ZwVo%2B7NElzLiM7EmDywc%2BaLA2IyzKC%2FXzc5hhzzoyAID9TYYQHctiYIkNkMhFhefBpmbrkry9BftFAywMRI35Qz8jUjCR2YCr529bh4TtUOU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984a19350bab-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11559
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 gp.png
www.pinturillo2.com/w/img/badges/ 8 KB
8 KB 158ms
157ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/badges/gp.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a3412b3379f41686f2e6bd0d48ef1ac4a79b8ec092aad58dcfb3c6aa25b72d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnE5XwSNR9gpAKI4vr6PwsTruNQneg%2FsNYAUDB1yTE1Lyn4rMrY4s0FR0IUTm%2FOHS4tvQvwXjUdSd6sGcaTUG1BloHSYcGetiVUXPEKFZwPDtDRBY3O9OoBf0Onge6SR%2Bhr9Oime"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984a19360bab-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7742
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 as.png
www.pinturillo2.com/w/img/badges/ 7 KB
7 KB 157ms
157ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/badges/as.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e230519e9e6bd75dce131497e7a0aa2ae9d1136732f66a0ebb6bdff88c8c875

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5pkBMWsTEhjGWxI68ZGQNwbNYCc%2BCC3GY6Vghsp79igr81hi7nTpcjX%2B3cO709hyPTgdzv89qxmLVsDANBFFOFO%2B6GXYWGOrc%2FJl%2F3YoC4%2B%2Bk5pPBRVRLnl%2FUcLT4Bh96t5gZQz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984af8fe5c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6797
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icoyou.png
www.pinturillo2.com/w/img/footer/ 3 KB
3 KB 151ms
150ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/footer/icoyou.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d09055e38c04120b7763197b4dcfdf4f23877a24f13f9818fc59436384bf381c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pBYwEynhZpzHBrWcSReK%2B9BJ7zPlcsyxoed2qCdiHMckmAM8qLT%2F67pzIEAynJfQzZWbJ41sw4oorj1VPKD3fPA6mnwn%2FksSHzlcDlR3Z1acyory6jIG3kmiDgT5SyKVSlykzqT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984b19145c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3006
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icome.png
www.pinturillo2.com/w/img/footer/ 3 KB
4 KB 155ms
153ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/footer/icome.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4aa3f1a9964a9c3343e0093b7c123e1a88d52e00a253ae84cd912684b65b4d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84Ipnb5%2FndT9I0MZO%2Bk5G3E6jwpZPgaFqfDmFXRY6rDVZxsbfSoyafSSyXB7vveQgGqE8Qx1OQZcSimgJIfz0Kfsx%2FNBWsr5DeMizIjOSO1Cuw%2FQAW8vj6c9DK%2FCVwpJhyX5wOOW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984b19165c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3154
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icotwi.png
www.pinturillo2.com/w/img/footer/ 3 KB
4 KB 169ms
168ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/footer/icotwi.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78164210ecf4b4ea8c4e367a91fc620dfb222ce557c3b8836235a7badfb5c467

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFcIljAgn5GqEv7iIfyv1rPPparnL8nhZp9d%2FmVM4elnEGMpeUMJtOEQkYqOgRdAoLNVjSnIThu2zkojmSYpxujjSI485%2FctDSM7kydmlbB9LiGDULYpZm915%2FPXUzM8e763d%2FgR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984b19195c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3408
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 ban1.png
www.pinturillo2.com/w/ban/ 11 KB
12 KB 161ms
159ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/ban/ban1.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94fe1d55ae21b6732c46db5cabfd70a040af149cadfa1235ff20852bf35966c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMYKbZKTpiR01822YbMG5Ybkn83j%2BGI3ZlMyUETbzN02BSCgoV%2FvEI5Kj7gF7GbuCpeHqJCanjX1ZvJyVhKlxNhSFncVo99ZwdYp6d9BuRKyGcEo3PFxKEc5kLCf4LfimQoYbLCr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984b191c5c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11360
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 poki-sdk-core-fa6e4a83910d998febc03d1d2afb1116af4c07b1.js Show response
game-cdn.poki.com/scripts/fa6e4a83910d998febc03d1d2afb1116af4c07b1/ 184 KB
51 KB 398ms
54ms Script
text/javascript 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game-cdn.poki.com/scripts/fa6e4a83910d998febc03d1d2afb1116af4c07b1/poki-sdk-core-fa6e4a83910d998febc03d1d2afb1116af4c07b1.js
Requested by: Host: game-cdn.poki.com
URL: https://game-cdn.poki.com/scripts/v2/poki-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6f79c8c1b0f1d4d9dd7c1d25a524946cfaa3d744f44119fb2d6e1196de390e

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: AS6ABXS1DNHWT880
age: 238371
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jXroXSBdJPjbhIsQ06NZIf1t0dqeGVBPYXfMxIEjDigYV4l6FbkDhJCRFTuT3itpvYPE1GS6p2A=
last-modified: Thu, 23 Nov 2023 10:05:58 GMT
server: cloudflare
etag: W/"c300d38a27ce18f7dfd60727353a6b99"
access-control-max-age: 31557600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=10800, stale-if-error=86400
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-ray: 82e8984d48132bc6-FRA

GET
H3 200 gp.png
www.pinturillo2.com/w/img/badges/ 8 KB
8 KB 175ms
174ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/badges/gp.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a3412b3379f41686f2e6bd0d48ef1ac4a79b8ec092aad58dcfb3c6aa25b72d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH3ZIZE53qc6KiEFEBm3CZO1dK4HAN2PBgDPUHWkzwWKKFlqhQoRGjwjvuclXJP8nr%2FdxYeBHGR0Os4%2FyVlADzvu2TVNZGGvvc064I3FMkfyFbEkFaytKnF1UnUchD7G1tDbx1IZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984b191d5c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7742
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 main.js Show response
www.pinturillo2.com/appData/min/js/ 3 KB
2 KB 179ms
178ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/main.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/w/js.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 527dcd7b35313805b08d03c304051f867afb8033ab123e6a575a3d9331a4e9f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fntd5a6zdKTakvzkMXFKgtUzQblDIiOPtPJro3Be7W9%2FqjAn4L3egR8uobpMySg%2BkfrbZvJo9hVi101zw%2BudxAin45j1bg5FnsVjtypvZAPx1Ip1etXvVaiEYDkWXxmjPzL8g8R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984b191e5c32-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/
Redirect Chain

https://cmp.quantcast.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2

4 KB
2 KB

235ms
57ms

Script
application/javascript

2600:9000:214f:aa00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Server: 2600:9000:214f:aa00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f4b42dd1e22a1bdd89367dd28885c2458639394318f65939c0b29c142101a60

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
content-encoding: br
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 18:40:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
etag: W/"36ceb26611385c1a5bb286a27331727b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vT_V4frCr8BJxgLOlPNKjDH_RzAjQ69knkuF04Shk3IhwgYpdPp_qw==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
date: Fri, 01 Dec 2023 04:30:28 GMT
via: 1.1 337ce1d1833905a0473cbaec913a354c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Tue, 14 Nov 2023 18:40:40 GMT
server: AmazonS3
etag: "6bf240ed80b177f6cf04cbee85b138ae"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: bEwULS8yps4pUkbFsleFuwdB5IQpgYc7gLqWRdzdc4TMjKuDLnWAMA==

GET
H3 200 part1.csv Show response
www.pinturillo2.com/appData/data/ 682 B
1 KB 169ms
161ms XHR
text/csv 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/data/part1.csv
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacdd32e52f9e3a25c072439bda2d14baccfe2416dac4e64479516381e64b80d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
last-modified: Thu, 20 Apr 2023 19:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2aa-5f9c9b9f2e7c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX0NNJC0kTMKoDzibVrcY%2FO5hjmKr1GIkMfWMR%2BDfpNqKdIJGof3CgHh3dLg7Dn9rkf6GW%2FjHlukgwYzRF30jmbyN9Gqww28h%2B5QFbS1n0SAMYzESxnqLKaOn7zRqKl9%2Bi6JurbQ"}],"group":"cf-nel","max_age":604800}
content-type: text/csv
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e8984eaaeb5c32-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 easeljs.min.js Show response
code.createjs.com/1.0.0/ 125 KB
35 KB 152ms
68ms Script
text/javascript 2a02:26f0:780::210:a440
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/easeljs.min.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a440 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 9b895d5dd6bad4309956ebc2100019787940b0391e30432dac7ebc75fd6cc4c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 35817
expires: Fri, 01 Dec 2023 04:45:27 GMT

GET
H2 200 tweenjs.min.js Show response
code.createjs.com/1.0.0/ 26 KB
8 KB 379ms
296ms Script
text/javascript 2a02:26f0:780::210:a440
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/tweenjs.min.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a440 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: a7fd9431277d14034c3b19696a73dc91a59997673cdbba25adbdcf853550bc15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 8521
expires: Fri, 01 Dec 2023 04:45:27 GMT

GET
H3 200 manage.js Show response
www.pinturillo2.com/appData/min/js/ad/ 570 B
758 B 155ms
153ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/ad/manage.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8edc9843ba3c1265cf8c6091972b665fd5a49c9aeab9c9475300203e7b21de49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0DOBs16Y%2FEmJt6cyuYktumvDu591TGdR8Z4rJwhJ7HNwDCU8H%2BibhyTd5xYnbWi52HpEFYzH6wRhgUC%2BSO414N3wbt9bwPPmDGJzGCoer207jA47qss7BfT2bg6zvQuEj%2B%2FBUoI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984fab7b5c32-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 apk.js Show response
www.pinturillo2.com/appData/min/js/ad/ 1 KB
1 KB 152ms
150ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/ad/apk.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03670b969b98046a686b56bbf289cf501c880ddc360d870e452587c2fcd01af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVOBIVvmE7GuLNs5sv5QUS4Wepv9mJX0cIvHTP458tGWpBHrBQ8omc%2BGk%2FQEFvBOaHMR12cQaDMLPch8qYkJkPyzerCoON03T1XZK5bDBTBI1BCiLI75HCGZJaVWxcI7AJsyydgh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984fab7d5c32-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 aaip.js Show response
www.pinturillo2.com/appData/min/js/ad/ 3 KB
1 KB 172ms
170ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/ad/aaip.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4833cf6a43e6a5ad628793f1737068c2a225df32cf8834c84e3191c8d5d12d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHl4TugG8MKvzQFgs5R09dhENS9epm%2BhmJmOtq8tGRQefh9sKWFriqWfUFVm5zKx3vr4CUq7BLWIcQ62Crk4De5RCvRsrxEya9SgIMd7vku%2FSW3o%2F7SYxs8eLi47q%2BH46x5Eh24R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984fab7e5c32-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 data.js Show response
www.pinturillo2.com/appData/min/js/ 60 KB
17 KB 195ms
193ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/data.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be360e5c28eb29c92a2b5ad2c14a0bc60b7a939696531f8e924b7ddd9e95daa1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McIqwj9H2uATFFv4LL%2FGxTGilbSssDbyWQDnpx6TX%2FzTERm%2FGIC5KZbAnujA6VTOVLVwh6AO5BG%2FEcvZkZmSM%2BkywAmpOw8h99t8Kzwh68pIx25FhUnEEVEYYnK6IT%2BH8kjNGSeI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984fab7f5c32-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 style.css
www.pinturillo2.com/appData/min/css/ 135 B
579 B 173ms
172ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/css/style.css
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75241bb66fff0353a92342d1f4ee366803a5110850f7131c239bdca4e20e5e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ4i0envuusy1WK5fNOug8PG%2BrdzGa1v2l2dMyik13cUDnbfwYeMZ7fQSeyfAxLcgQ38yJz4Itge8SZgfMqKeE5Bm1noHvrwlwbiX6WuwRCcM3LrlSyIQanMcKLgYn7uJh%2F1Viqu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82e8984fab805c32-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icoback.png
www.pinturillo2.com/appData/data/img/ 549 B
1 KB 156ms
155ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/icoback.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8f8ab7f8cff2efc4cabf5f7392f354fbeedc445f6052c089b2e48a6f2311fd

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8Z%2BHeeqCxygVkXYVCXOIfZ3viiaaJTgopIftOsQWH9VLXoVLUjYfXxOkcwqY7tdfNwxxFHle3tQoWtksc9ERV7vRMCRqnn9yCFaFl30wseAtVpJ6xnAU60zR91cZ1gUi6hiClE8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984fab815c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 549
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icoplanet.png
www.pinturillo2.com/appData/data/img/ 1 KB
2 KB 157ms
156ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/icoplanet.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac42067501d04dc982256c9b02e3264f08f6ec98d4239270f0846ad4c04c212

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG%2BgtGczxf73Pty47HbAEWw7iBhXQTowWfHskULANTbMdumhR2b7Z6ot4cZPnNVaoTNzLQORLRucN9mWlNx3njBOFet9sjpqPQtLjCNADf0EoVANyzkzLpzeWjZ1ZUfA3SGnCCEN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984fab825c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1435
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 loader.png
www.pinturillo2.com/appData/data/img/ 9 KB
10 KB 172ms
171ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/loader.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7f783327a4f44f84a12c93bc0d32bceeb800bc96a911dd4295e592eef2ac2f

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygZKfYoXT8yOsdPB%2BblC8t%2Fvk85OPb994kEqjDXZ2sMrQyUioU0s9qKs%2Bex2AWxsZ5R8Da2r7l8MLnxvSzpUT6fsEQOjcTWz53Rz2Oh9UDNYM8997PCxYXjeJpnaKsWe5nZqiCIX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984fab835c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9482
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 logotop.png
www.pinturillo2.com/appData/data/img/ 11 KB
12 KB 161ms
160ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/logotop.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e445ddc0b5c15f3cd8b3cb7bdc0a8f8c8ca8f0a832f3c91107573dc927ab7143

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roZC%2FnEO66CXuPCmAK%2FpyYTvL9P98GxmIrHR7FthLgIPeZ0uU5C07gxA1LJ%2BQpFNEPmqCDr9ycNmIWi33fb51puIS4BTijRPAm%2FN2b4Vb8H220wkeEYIPrtcirnYkVoILxQuh1e1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984fab845c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11559
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 logoIntro.png
www.pinturillo2.com/appData/data/img/ 25 KB
25 KB 195ms
194ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/logoIntro.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 406448769d3f734b29da1f99563a0757dc7b40f8e1dc6e0dc87f1f07cc8cbb30

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egAcstcPFgLAOozRfoHcKOk5mVHKYDN1qy18YQCdpy96Lre%2FZZgRqD0Lt0gCzPaKgh0t2LatJf%2FN3c%2F9W6ChK2%2F1UnNIlE7WN1sbiiAois%2BtppkyWT%2FQZqElo03yCy21zrni65Xu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 82e8984fab855c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25485
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HK2QY2JTE8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6337473-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b77f34729477d94434e9bd66665d99c56a9194f8142fe2dc1383c492dc375c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 04:30:27 GMT

OPTIONS
H2 200 settings
api.poki.com/ads/ Frame 0
0 74ms
66ms Preflight 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.poki.com/ads/settings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.pinturillo2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: authorization, origin, content-type, accept
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e89850baa82bc6-FRA
content-length: 0
date: Fri, 01 Dec 2023 04:30:27 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 @sdk Show response
devs-api.poki.com/gameinfo/ 206 B
416 B 48ms
39ms Fetch
application/json 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://devs-api.poki.com/gameinfo/@sdk?href=https%3A%2F%2Fwww.pinturillo2.com%2F&referrer=

Requested by

Host: game-cdn.poki.com
URL: https://game-cdn.poki.com/scripts/fa6e4a83910d998febc03d1d2afb1116af4c07b1/poki-sdk-core-fa6e4a83910d998febc03d1d2afb1116af4c07b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c3b5670a01f6506988a281dce6afe452f48831f72c60671e40e147b0098fde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:27 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 03:37:45 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=10800
vary: Accept-Encoding
cf-ray: 82e89850baa72bc6-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding

GET
H2 200 / Show response
geo.poki.io/ 32 B
216 B 378ms
26ms Fetch
application/json 104.18.219.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.poki.io/
Requested by: Host: game-cdn.poki.com
URL: https://game-cdn.poki.com/scripts/fa6e4a83910d998febc03d1d2afb1116af4c07b1/poki-sdk-core-fa6e4a83910d998febc03d1d2afb1116af4c07b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.219.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194346de2123e8dc6ac7b9f63a35b2e31a87d3028a6a34fd11550d9d15d37b6b

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:28 GMT
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=3600
cf-ray: 82e89852dfc435f6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H3 200 settings Show response
api.poki.com/ads/ 43 KB
17 KB 50ms
50ms Fetch
application/json 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.poki.com/ads/settings
Requested by: Host: game-cdn.poki.com
URL: https://game-cdn.poki.com/scripts/fa6e4a83910d998febc03d1d2afb1116af4c07b1/poki-sdk-core-fa6e4a83910d998febc03d1d2afb1116af4c07b1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c2606c430ae68530fdbc2da88ae96df3482c73b52ca6627f5b23e662fd27e6

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 04:30:28 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 04:13:12 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3720, stale-while-revalidate=10800, stale-if-error=10800
vary: Accept-Encoding
cf-ray: 82e8985119e39a24-FRA
access-control-allow-headers: authorization, origin, content-type, accept
alt-svc: h3=":443"; ma=86400

GET
H3 200 en.csv Show response
www.pinturillo2.com/appData/data/lang/ 1 KB
2 KB 158ms
158ms XHR
text/csv 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/data/lang/en.csv
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b73f0e80b55094b02ae34777b94b16fc26d77d9dcea6ab616b7cbd4a868d45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:28 GMT
cf-cache-status: BYPASS
last-modified: Sun, 16 Apr 2023 12:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b8-5f9737049e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2EsqfaMa8aEDpiNPyetFw%2Fdh2gIQRGPDAlS5RLXKpfjwW9aJcTncrIEjqDy5NxyM1jVCE6eT33gyUSPZNt2whFSWyvF5IEW8BbEyHcT1jS15%2Fi41pOjhp0r0mCGtV5Olu3heLnR"}],"group":"cf-nel","max_age":604800}
content-type: text/csv
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e898526ce25c32-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1064ms
41ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6337473-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 03:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 05:22:36 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 104ms
71ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HK2QY2JTE8&gtm=45je3bt0v9117433543&_p=1701405027034&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&cid=815619282.1701405028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701405028&sct=1&seg=0&dl=https%3A%2F%2Fwww.pinturillo2.com%2F&dt=Pinturillo%202%20-%20Draw%20and%20guess%20multiplayer%20online%20game&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1819
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HK2QY2JTE8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
41 KB 224ms
223ms Script
text/javascript 2600:9000:214f:aa00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e215c459f6b636decefe1e4bb3999a3ba5798248e6868ade99ec4e30c9acfc4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 03:54:24 GMT
content-encoding: br
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 24 Nov 2023 14:53:40 GMT
server: AmazonS3
etag: W/"9a59be07c42e77f2bba7a0e654fc46f0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: m5oxVMCvLWqPq2JgTi29mlJnt48PlUxPhfEUNNZuV4YQB85dC4uwkg==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 11 KB
3 KB 952ms
316ms XHR
application/json 2600:9000:214f:aa00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e84df5c3072a47db21020cfdd0daa84c31e314ca97cb9782e5ecca1011144c4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 03:00:45 GMT
content-encoding: br
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 5385
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 03:00:43 GMT
server: AmazonS3
etag: W/"c9e2a174394f72cf493706a018656fc5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 8k5RXKd2CP-ToaElVGTeAxys7Aaw-7LWBWAfVEw_pvepaMiFa8T-SA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 28ms
27ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1848422830&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pinturillo2.com%2F&ul=en-us&de=UTF-8&dt=Pinturillo%202%20-%20Draw%20and%20guess%20multiplayer%20online%20game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=104351682&gjid=1529956198&cid=815619282.1701405028&tid=UA-6337473-3&_gid=65001498.1701405029&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&jsscut=1&z=1991092396

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 130 KB
46 KB 409ms
50ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50965cf46d97261168caeec028aa1abadc223637d8de3e91f6661baab97a7041

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Nov 2023 22:31:01 GMT
server: cloudflare
age: 0
etag: W/"8ec35acedaae440a1ba94ab1f18348af85c5a999"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 82e8985ce97b9c0c-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 966ms
678ms Fetch
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231201

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1776
x-jsd-version: 1.0.1890
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-TNgfTrEmgU0kvSD/fpfRT6TRJJo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWTbaw3wMNotAW9%2BLuN%2Bw1vjcS%2FSQfnQPwwXNAqpz0ZcMRNzYXUFoAoZFp%2BXszsOXuSv7lcokE3bqPRO33e7h3EN4a7JLxUbOccAtADDIgrXYaciPCuKzD6OrTGebbkpzgd0OhoXkJKzNGv%2F1qg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82e8985c7ac071d7-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 89ms
22ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:08:11 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1339
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 3JJKxXQyHX7jje1mWev-AZHf2Vhu-OVD469Nagv8Q_zN7Uln_msp3Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 1668ms
1487ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

308b52631cdbecdbe1643baacffdfa0c3c4b084cddd87f59be8ba240e4dc8ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30210
x-xss-protection: 0
server: cafe
etag: 396 / 19692 / 31079857 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:30:31 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 516ms
115ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Fri, 01 Dec 2023 04:30:29 GMT

GET
H2 200 tag Show response
btloader.com/ 76 KB
24 KB 382ms
28ms Script
application/javascript 104.22.75.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.75.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f37117e5ba23d38f778ccccae2bb565cac003f56871ed9ecfb8b05174de19069

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 03:46:50 GMT
server: cloudflare
age: 2542
etag: "9cf2ec5c834719a626f0fc5c724f9013"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 82e8985cee9c1e4a-FRA
content-length: 24163

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
391 B 28ms
28ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73435
x-host: adinplay-2
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGH%2BIc5Mp1ZnQJ0r3tQopdbqzU6Jh4Rj9%2BPcqsBXyUwOBPDWY9%2FxAiZM5yUAjeRlLwpM1ggqseqgo6FzHquK3QJXJsEa8UrRtmTv28YCXYAynNv7SS%2FWPGAULVkTKdClv5sRg%2BtW71a96nw5898%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 82e8985aa83518ed-FRA

GET
H2 200 53b902f9-cf9c-4605-aec3-2c8ce65042b8 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
810 B 84ms
24ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5793ae2fff25300ee13907746b024508a87ab90cfc9acbba42079ae9fbf4fcb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:17:05 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 804
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: CEk381Np8kZAtH_gtMZ3vUTcqara1SZJN779ro88sjUCc_tCBrCDtA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 114ms
114ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pinturillo2.com&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:29 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.pinturillo2.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: J4KjolGtYondcfJfYPeFudR1kyjWkFbr9R8Nb_WzcDYL_Hwz6uvVyw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
21ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
date: Thu, 30 Nov 2023 12:44:58 GMT
x-amz-cf-pop: FRA56-P6
age: 56731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: yyCmGAM-sk7yyPUoKtdKCgoxxXo7rlDvR6C2QNctUa5tI29uVd-ypw==

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/50/ 279 KB
68 KB 338ms
337ms Script
text/javascript 2600:9000:214f:aa00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:54:09 GMT
content-encoding: br
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 48981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 24 Nov 2023 14:53:34 GMT
server: AmazonS3
etag: W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: w0B_gnTK32yJ-sGR47-7wgCsQmTxnd251UaEwvhcNHxDI6SlwJpKmg==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 549 KB
61 KB 170ms
170ms XHR
application/json 2600:9000:214f:aa00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02f250ed8982087165160ca06daabbf999b6260a40e84e9ccbeadfc542fe272

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:59:25 GMT
content-encoding: br
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 16265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 30 Nov 2023 23:59:20 GMT
server: AmazonS3
etag: W/"b47b2f2ac3a1071d8fe85e7dc0dae6a8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: sJJC8YKhr6rSQcmNcddOpzc7Nlz_ZE9i-AStGsiFyfKjMDQaKbYQPg==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 452ms
452ms XHR
application/json 2600:9000:214f:aa00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:aa00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ebea5f7ebaab8e2f493947e143b6c9a6734d230aa111ecf8ae83fa21afe09a1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 03:00:26 GMT
content-encoding: br
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 5404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 03:00:24 GMT
server: AmazonS3
etag: W/"5ed4f2817e992e9932392a84a1b82ee8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Zm80p_IKp-OM0u0L8RpEfh9gC2wAZV6Xxi82-MLvG31sXF4bXKvMpQ==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 160ms
116ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 04:30:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
924 B 374ms
43ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1551682
x-guploader-uploadid: ABPtcPoCjHZz2Z_km5VaYiqzKu4s5KfgqgWdpKHaYGvXeoKl6M7Je-UrhCbADCxmlAWOMNfMc7zVfUcYnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyyV4qCkEVboYNdgP9GxLYM5%2B64Apk%2FppgZhoX2Ed9GvyV7%2BjOJMYp%2B6GXrZLyy4aPBpK1vjzBINY2X1NpK1ES12QpwBEjsinSOqEWegfNc3c3mFBTGEvoETxx%2FOWJ8PSCugnt5wNMjG3uUVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 82e8985f3c076901-FRA
expires: Mon, 13 Nov 2023 05:39:40 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 82ms
20ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:50:18 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 383ms
52ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9904493747035661
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1551682
x-guploader-uploadid: ABPtcPoCjHZz2Z_km5VaYiqzKu4s5KfgqgWdpKHaYGvXeoKl6M7Je-UrhCbADCxmlAWOMNfMc7zVfUcYnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AGamZEEdZ7SCBdRAhSnntB0sJOM7XfDqkUJcpMR4vDWMIAN5bFtbKXI5Ae0wXXnWL9VtBxMZaUlHes%2B7Byjf7QED6Fcrmv%2BgzFecwncA7faX2vnTwG70UqJuw6R5WiDv%2FE81gR%2BswBzb8NW3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 82e8985f3c066901-FRA
expires: Mon, 13 Nov 2023 05:39:40 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 116ms
115ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:30 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 119ms
119ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=95To5TYpol&w=5114397264969728&o=5130683165442048&cv=2.1.24-1-g0c437e2&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.pinturillo2.com%2F&sid=1jEduCGQ&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 04:30:30 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 114ms
21ms XHR
text/plain 18.158.216.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%2211Vb-uusbgv8t%22%2C%22domain%22%3A%22www.pinturillo2.com%22%2C%22publisher%22%3A%22Pinturillo%202%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22d7qjw%2FaceLFfPb30y68%2BFQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1701405030637%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-znto11fy29u3plgktulw%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.216.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-216-196.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 04:30:30 GMT
content-length: 2
content-type: text/plain; charset=utf-8

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 149ms
101ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pinturillo2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 01 Dec 2023 04:30:30 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 101ms
100ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 04:30:30 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 432 KB
135 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28802
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138184
x-xss-protection: 0
server: cafe
etag: 495798054771589180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 29 Nov 2024 20:30:29 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1016 B 87ms
28ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 04:30:31 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 335744
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hfa%2Fke7451IxcB93HO1NTXwzDVG4gf5vzbb0S3Hs3A%2FG4DMDFMvyOP0TvS1UksYt8bhN9JadLyHA8wZwgutnCK4DVvP5i0rxnMkBrjW5oiNxge0ULKud3eV8FEC57EJjiwi2QXChux4szEOd"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 82e89869080c18b5-FRA

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
400 B 98ms
39ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:31 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e898691a9d366c-FRA
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 371 B
902 B 156ms
85ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,PNT,1,,,&rf=https%3A%2F%2Fwww.pinturillo2.com%2F&kw=guess%2Cdraw%2Cgame%2Cgames%2Cwebgame%2Chtml5%2Cfun%2Cflash%2Cmultiplayer&tg_i.domain=pinturillo2.com&tg_i.page=https%3A%2F%2Fwww.pinturillo2.com%2F&tg_i.pbadslot=%2F421469808%2C13904209%2Fpinturillo2.com_300x250&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=489b9bf39cdf4e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C13904209%2Fpinturillo2.com_300x250&slots=1&rand=0.7127350992014063
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 95f13ef547b57b1795005a846598eae95cea14657486989c0a051343c7f283a4

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 371
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
6 KB 259ms
202ms Fetch
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c6f7b4f3819e106b39730750ee067954c6cf0e0b16c7c8728bcaff0527db2129

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
an-x-request-uuid: 21a57493-b237-4aa4-acf2-63aa8da4ea27
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.95.242; 95.211.95.242; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 83 B
431 B 130ms
32ms Fetch
application/json 52.30.181.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.30.181.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-181-208.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8e77ebc52fd6462aa479ad3fca3d8731dc6d8c980fba9905958c42e22e8125a6

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:31 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.pinturillo2.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 83

POST
H2 200 adreq Show response
ads.servenobid.com/ 393 B
580 B 112ms
35ms Fetch
application/json 54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1295
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 425c35409b1a348cf163040bd6440dffb4d9ffba0d137b3d6c1348bda80b7257

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:31 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 77ms
24ms Fetch
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 224 B
862 B 431ms
375ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0627def17611f18048e850f22d00f1702991b741d36ba15c6e4de100271d6bd5

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e8986939b918f5-FRA
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 85ms
14ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.pinturillo2.com
date: Fri, 01 Dec 2023 04:30:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 204ms
129ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pinturillo2.com%2F&pid=x4MRGdGKsDsMK&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22pinturillo2-com_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F421469808%2C13904209%2Fpinturillo2.com_300x250%22%7D%5D&schain=1.0%2C1!adinplay.com%2CPNT%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: TY2A7123NB3WBAK6FMXA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pinturillo2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1SWkJXFnd7ziThuCGMbwHuczJc-k9YzN-Plbuir9TcpMC8akyt79Ag==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
727 B 134ms
102ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,PNT,1,,,&rf=https%3A%2F%2Fwww.pinturillo2.com%2F&kw=guess%2Cdraw%2Cgame%2Cgames%2Cwebgame%2Chtml5%2Cfun%2Cflash%2Cmultiplayer&tg_i.domain=pinturillo2.com&tg_i.page=https%3A%2F%2Fwww.pinturillo2.com%2F&tg_i.pbadslot=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_2&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=186d2cd774a87be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_2&slots=1&rand=0.9560693122915112
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b9d15cc66955efe9ad2f4eea7125cd1bfa50691bd9ac07d03949cce47fa0d65d

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
416 B 45ms
23ms Fetch
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
432 B 92ms
32ms Fetch
application/json 52.30.181.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.30.181.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-181-208.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 199bddebea6425f9e6ce0b4edb0776f4809cf27eca26df108b67052f06caa0eb

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:31 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.pinturillo2.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 54ms
41ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:31 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e898691a9e366c-FRA
expires: 0

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 13 KB
6 KB 318ms
294ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec6598b5d0a2de70ab7598251a8668401b011b89c253faed9168f9bd5df67294

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e8986939bc18f5-FRA
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
968 B 173ms
162ms Fetch
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0da0fa72fcbab824028965811c1c6893546d11a85e690bdc95d5daec5d4dd48a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
an-x-request-uuid: d7ea211b-bdee-4a9a-bc59-82f3480a6297
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.95.242; 95.211.95.242; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 180ms
131ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pinturillo2.com%2F&pid=x4MRGdGKsDsMK&cb=1&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22pinturillo2-com_300x250_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F421469808%2C13904209%2Fpinturillo2.com_300x250_2%22%7D%5D&schain=1.0%2C1!adinplay.com%2CPNT%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: HH2JT1XHWM9SAD84BCMD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pinturillo2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: lwIQJRAnj54GwLUklG2Gv_T9_FIJ6x2vpradA05wBLsHNgb1h3c84A==

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 13 KB
6 KB 222ms
217ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8242cf3f05984b86c8be6b355026aa9d90da0d1a8170087e10a9f9f1bf24de88

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e8986939ba18f5-FRA
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
726 B 109ms
105ms Fetch
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,PNT,1,,,&rf=https%3A%2F%2Fwww.pinturillo2.com%2F&kw=guess%2Cdraw%2Cgame%2Cgames%2Cwebgame%2Chtml5%2Cfun%2Cflash%2Cmultiplayer&tg_i.domain=pinturillo2.com&tg_i.page=https%3A%2F%2Fwww.pinturillo2.com%2F&tg_i.pbadslot=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_3&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=324035ebdf133c7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_3&slots=1&rand=0.2966795601146095
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e6b03aa5ff03b0053d9a4ad9667bdbcad2ecd9cb13864ecaf56075da2a06178a

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:31 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
433 B 67ms
31ms Fetch
application/json 52.30.181.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.30.181.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-181-208.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d623fdc02b5c02ded44079263dc167022ac7b0f3598e9bae0dd4e4d106121340

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 01 Dec 2023 04:30:31 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.pinturillo2.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 41ms
40ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:31 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e898693aa4366c-FRA
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 37ms
36ms Fetch
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
6 KB 167ms
166ms Fetch
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c6d4267ce2b0bb371dbd53ef71383204bc73ed66355a130091695bc68aa49f36

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
an-x-request-uuid: 0d9ffaba-6e6f-4578-9409-8e9e10508e06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.95.242; 95.211.95.242; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 158ms
126ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pinturillo2.com%2F&pid=x4MRGdGKsDsMK&cb=2&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22pinturillo2-com_300x250_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F421469808%2C13904209%2Fpinturillo2.com_300x250_3%22%7D%5D&schain=1.0%2C1!adinplay.com%2CPNT%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: CRW3NK7M9E16NZ2F71A4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pinturillo2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ja6aOx6-q6lKThWKZUlL4BP2sDELo-waU2m2FZCIkOkW2W-hewFhKQ==

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 129ms
87ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 04:30:32 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCTpb2rPx48y6jKey%2BjWqcKgyD5CwFn91diwVuCw17yuEi3W0eEmhMIv1dzutW4YSNBXua%2BLl12hF5cBA%2BggbEuXZxMf8WI1vDl1ISZtwJaKtjIaImToTIbCSFcdqi2a5KGDAd%2FMCn2Nh291"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 82e89869ad122c59-FRA

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 68E3 9 KB
4 KB 88ms
20ms Document
text/html 13.32.27.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-7.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 71006
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Thu, 30 Nov 2023 08:47:07 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-id: FVulpR5BSw41F0_VNf0DoDraWM3-DgttHfCSfGfH0-kxXixUPNhQog==
x-amz-cf-pop: FRA56-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame 6E0C 0
0 23ms
23ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1701405031888

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FB6C 16 KB
6 KB 301ms
21ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=70616
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: Sat, 02 Dec 2023 00:07:28 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 22CF 281 B
555 B 101ms
24ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 04:30:32 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame BDC3 12 KB
5 KB 64ms
63ms Document
text/html 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41328397cc4fcbfc073eaf90ac56dbf629a69a24b490159d827b32f3324cface

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e8986b5ac018f5-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: 0
last-modified: Thu, 30 Nov 2023 10:14:43 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A687 52 KB
17 KB 99ms
25ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 01 Dec 2023 04:30:32 GMT
ETag: "623de86a-cf34"
Expires: Sat, 02 Dec 2023 04:30:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame BDC3 20 KB
7 KB 101ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82e8986c0a9b71d3-FRA

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame BDC3 7 KB
2 KB 57ms
56ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b912904c142f6d6bd66fc8822b2500a574db2c6d32b2352d3729948a05c728b5

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82e8986bcaf918f5-FRA
expires: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 125B 3 KB
1 KB 123ms
29ms Document
text/html 34.255.245.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.245.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ae4a44275e5ef3cf56cdab5109e975f65e0d41183da4ff0d397cf142a031d4bf

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 01 Dec 2023 04:30:32 GMT
etag: W/"0f16772e58c6cd14eea3917b9bef7e51a"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 382E 0
0 22ms
22ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 9CA9 932 B
1 KB 326ms
16ms Document
text/html 81.17.55.122
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 5f84870c5784078c4dc10c19efab698b56d8aa412d3b1b9d3e52dd2ea7b81c4a

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 932
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
824 B

45ms
43ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057fe361fb258822cfc4bec2e7dc17eb3a2a56c477091856e76e53279599b1b3

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82e8986c79670e88-AMS
content-encoding: br
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVswbVabsfzf1W6oWf6sxy0Z%2BKjYppJG5ZhOvnCRq4zvvexUKe2paVeu%2Fwwgg%2FitpVQ87i1FYsp4r3SzXP49VLRCIQLfbXwIZn3RTOY8Qc8cr2osbRdB1W5CFtyxPNIN4HDzVekPn%2BePWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82e8986c39430e88-AMS
content-length: 0
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tou9Fmv6PkE20d3JuRsXf%2Fbvf3Kcua59%2Bu%2Fw8GRmzilgDvmEUXyvKC8s9KWyadq2e1ZeoGRvV9JBLpOxGNxvO%2F%2FbUr2QnQoY30JkV06CzkX%2BrTSnY%2FUy4Kqs94kW505b6iVGiCzGn3UUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 59E2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
555 B

23ms
21ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 04:30:32 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 01 Dec 2023 04:30:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5D38 16 KB
6 KB 199ms
22ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=70616
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: Sat, 02 Dec 2023 00:07:28 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 6D30 0
524 B 180ms
113ms Document
text/html 2600:9000:2057:600:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:600:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
server: istio-envoy
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id: lxMdwadblqfFfymJVXubL4Tv7tQ6M72JER04YenS1bo1cKk-CuQqew==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame D45B 0
134 B 55ms
14ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Fri, 01 Dec 2023 04:30:32 GMT
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 6B6B 0
370 B 364ms
105ms Document
text/html 34.203.168.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.203.168.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-168-193.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=3402031402323856551

0
344 B

37ms
36ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=3402031402323856551
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
an-x-request-uuid: 1a643119-f947-4c84-b45d-2417069af2d6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=3402031402323856551
x-proxy-origin: 95.211.95.242; 95.211.95.242; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HvxOrRZHXagg3ItfQ4qadTSz

0
350 B

35ms
34ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HvxOrRZHXagg3ItfQ4qadTSz
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HvxOrRZHXagg3ItfQ4qadTSz
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 68E3 0
277 B 71ms
21ms Image
text/plain 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 01 Dec 2023 04:30:32 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1701405032354
https://ad.turn.com/r/cs?pid=45&rndcb=5396580654
https://sync.1rx.io/usersync/turn/8976263294276042660?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003
https://ads.servenobid.com/sync?pid=321&uid=RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003

0
362 B

39ms
36ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003
date: Fri, 01 Dec 2023 04:30:32 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXca5fb6e4e3254f3cbc56b95dca14bb94003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5144588527800874570

0
344 B

39ms
36ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5144588527800874570
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5144588527800874570
Date: Fri, 01 Dec 2023 04:30:32 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 usa
sync.go.sonobi.com/ Frame 68E3 0
399 B 335ms
106ms Image
text/plain 69.166.1.67
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-80
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

49ms
37ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Fri, 01 Dec 2023 04:30:32 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame 68E3 0
15 B 181ms
26ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-c9f7d61f-f6ac-3e6b-bbc2-b88695dee598

0
359 B

34ms
33ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-c9f7d61f-f6ac-3e6b-bbc2-b88695dee598
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-c9f7d61f-f6ac-3e6b-bbc2-b88695dee598
pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame 68E3 0
125 B 180ms
26ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 68E3 0
35 B 77ms
19ms Image
text/plain 18.195.110.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.110.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 68E3
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

34ms
34ms

Image
image/avif

54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 01 Dec 2023 04:30:32 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Fri, 01 Dec 2023 04:30:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 22CF 46 KB
13 KB 22ms
22ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 04:30:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 23:38:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68848
Connection: keep-alive
Content-Length: 13236
Expires: Fri, 01 Dec 2023 23:38:00 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame BDC3
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=6465168667233275546

0
656 B

62ms
61ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=6465168667233275546
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e8986ddc2b18f5-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=6465168667233275546
date: Fri, 01 Dec 2023 04:30:32 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 59E2 46 KB
13 KB 30ms
29ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 04:30:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 23:38:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68848
Connection: keep-alive
Content-Length: 13236
Expires: Fri, 01 Dec 2023 23:38:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=3402031402323856551

35 B
250 B

161ms
34ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=3402031402323856551
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
an-x-request-uuid: 0547accf-b99f-4995-94e3-a7a96bb6398f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=3402031402323856551
x-proxy-origin: 95.211.95.242; 95.211.95.242; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 125B
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b9ba27f0-297b-47d8-99da-d30b551d7695&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_b9ba27f0-297b-47d8-99da-d30b551d7695&gdpr=0&gdpr_consent=&us_privacy=1---
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=70&user_id=130854716378443416&ssp=gumgum2

43 B
145 B

31ms
25ms

Image
image/gif

18.197.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=130854716378443416&ssp=gumgum2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 18.197.187.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-187-29.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://x.bidswitch.net/sync?dsp_id=70&user_id=130854716378443416&ssp=gumgum2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=a6c66d9b-65a4-4fe9-9c83-fecbd9525a5a

35 B
250 B

100ms
34ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=a6c66d9b-65a4-4fe9-9c83-fecbd9525a5a
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 01 Dec 2023 04:30:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=a6c66d9b-65a4-4fe9-9c83-fecbd9525a5a
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-80dc48f5-e2c3-5d5d-7b5d-0ac1cc4cd6ce$ip$95.211.95.242

35 B
250 B

37ms
34ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-80dc48f5-e2c3-5d5d-7b5d-0ac1cc4cd6ce$ip$95.211.95.242
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-80dc48f5-e2c3-5d5d-7b5d-0ac1cc4cd6ce$ip$95.211.95.242
Date: Fri, 01 Dec 2023 04:30:32 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 125B 43 B
426 B 126ms
37ms Image
image/gif 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=2afa8cb6-169a-44bc-bc35-b759cc315691

35 B
250 B

35ms
34ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=2afa8cb6-169a-44bc-bc35-b759cc315691
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=2afa8cb6-169a-44bc-bc35-b759cc315691
Date: Fri, 01 Dec 2023 04:30:32 GMT
Connection: keep-alive
X-CI-RTID: 6c6d9ccc-fbdb-40af-aa17-2664b13e3cd8
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 125B 0
44 B 326ms
96ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b9ba27f0-297b-47d8-99da-d30b551d7695&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_b9ba27f0-297b-47d8-99da-d30b551d7695&s=2&us_privacy=...
https://usersync.gumgum.com/usersync?b=zem&i=ppLZszKqHkWqeEzkOk1N&gdpr=0&us_privacy=1---

35 B
250 B

40ms
39ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=ppLZszKqHkWqeEzkOk1N&gdpr=0&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:33 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=ppLZszKqHkWqeEzkOk1N&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=4zUfL6AtkiWQ&ev=1&pid=558355

35 B
250 B

104ms
32ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=4zUfL6AtkiWQ&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: nl-NL
location: https://usersync.gumgum.com/usersync?b=pln&i=4zUfL6AtkiWQ&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-74c7cffc45-8bqxr
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 125B
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=3835336827270385357

35 B
250 B

39ms
32ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=3835336827270385357
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=3835336827270385357
date: Fri, 01 Dec 2023 04:30:32 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 125B 0
358 B 46ms
34ms Image
image/avif 54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_b9ba27f0-297b-47d8-99da-d30b551d7695
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C1FB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=3768262400588959971&gdpr=0&gdpr_consent=

35 B
208 B

43ms
36ms

Document
image/gif

34.255.245.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=3768262400588959971&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.245.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=3768262400588959971&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

pixel Show response
cm.g.doubleclick.net/ Frame 3328
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...

170 B
243 B

33ms
28ms

Document
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iOWJhMjdmMC0yOTdiLTQ3ZDgtOTlkYS1kMzBiNTUxZDc2OTU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F9E4 16 KB
6 KB 74ms
26ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=70616
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: Sat, 02 Dec 2023 00:07:28 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 90C5 70 B
149 B 117ms
34ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 01 Dec 2023 04:30:32 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame A605
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZWlhacCo5s8AADDalogAAAAA

35 B
250 B

32ms
31ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZWlhacCo5s8AADDalogAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 01 Dec 2023 04:30:33 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 01 Dec 2023 04:30:33 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZWlhacCo5s8AADDalogAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40320.dc2p.scaleout.jp
X-SO-IP: 95.211.95.242
X-SO-Key: ZWlhacCo5s8AADDalogAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZWlhacCo5s8AADDalogAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40320"}
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40320

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1609
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=f145WnNEE2Q7jDE4TAca80AeHXzAbRrbljYmQJV5vcA&pi=gumgum&tc=1

35 B
250 B

58ms
32ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=f145WnNEE2Q7jDE4TAca80AeHXzAbRrbljYmQJV5vcA&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 01 Dec 2023 04:30:32 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 01 Dec 2023 04:30:32 GMT Fri, 01 Dec 2023 04:30:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=f145WnNEE2Q7jDE4TAca80AeHXzAbRrbljYmQJV5vcA&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 102F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

21ms
20ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 04:30:32 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 01 Dec 2023 04:30:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWlhaAC2lfCI94rAs.o3ggAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZWlhaAC2lfCI94rAs.o3ggAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIm0wO8mQGL5Rx_o9_x3jJc&google_cver=1&google_hm=2

43 B
732 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIm0wO8mQGL5Rx_o9_x3jJc&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFlnMexmhfcFjm6qi%2FOKJI9pczAhjzGsRF3Dv22TaFK1N49HIWwSXuuo0kFTi73KOmooyoRHYyhEr4u9jGGlJaPcNjHZ7vFupDP0gD%2B%2FR8v7axD4o3aZ7pQjZdcb%2F1ndsbL8Eh%2FCm4KePw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e8986ddfda6700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIm0wO8mQGL5Rx_o9_x3jJc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9262
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

135ms
134ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1W5XM8FPY33NTDK85E66
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AYH96H24CRZY2W5H9VDC
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9262 70 B
148 B 104ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO6z1AIwPSgzCrigrUf4k1w&google_cver=1

43 B
731 B

42ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO6z1AIwPSgzCrigrUf4k1w&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMOys8haexp0R7jGOWiBdEeVwMjCA4MTHXBFNqFL%2FeGxOvftUzWyGwehGbHOgj44RCW1bzgrgxjUx7oOy0kP0NddqxqULCd%2BxH2nsBUQrQNuusC6jZTZEoCw7ysQzwlPXKzH5yzuI9moZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e8986dcfd56700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO6z1AIwPSgzCrigrUf4k1w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828472830575

43 B
765 B

42ms
42ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828472830575
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aW1af4F8ps4s3xP%2FQvTVg6FgGa5RMHpcCMFHSdJqnxZy2VaKk1XoXU009JogSuCaZoUdRUHvG7SMC%2BB5VKGc4ggum8VSbsYjB08hhvLKHsiIct32sNNyQn1VNL3mgvPQWnXrFQhFfFfwww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e8986d6fa06700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210828472830575
Date: Fri, 01 Dec 2023 04:30:32 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZWlhaAC2lfCI94rAs.o3ggAA%265260
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cb909d12-5f8f-411e-bf41-49c3fc8541dc

43 B
731 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cb909d12-5f8f-411e-bf41-49c3fc8541dc
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h4EcukSGzi0A%2Fn4RVBWTnbUzXlmOCd3hDeEXez8dK2dV%2FsbylDXmKgyvMdibSFH9MO2pelixaeEu03ub4fWZXGmVjaGt5sby1QiNrkzQ%2FE04M5oKPZEbzODTyEwzsWFZ6WpyaZqKnIt7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e8986d6fa46700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cb909d12-5f8f-411e-bf41-49c3fc8541dc
Date: Fri, 01 Dec 2023 04:30:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4352546796036031277&expiration=1702614632

43 B
732 B

49ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4352546796036031277&expiration=1702614632
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJa0KVSyX942fm3dXEENGVAoEizxQnuwTKEBnhUGvy9NzdNXk%2BAmusNV3hbLS%2BetEMsrP7W5weGOcMiMfDyqEu4GE8KR%2FaOWcVTqfSbfN%2BZiAd8V7UIu8rJ48HmrvdOgM3gsmoLV0pkf2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e8986dcfcd6700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4352546796036031277&expiration=1702614632
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9262
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=284FE48CD8174C86848521C8730295A1

43 B
734 B

42ms
42ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=284FE48CD8174C86848521C8730295A1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdncEJpCN9pEAadyin%2ByKbzSJluTxXD2RTEz%2FsjsT%2BTb987OF%2BcBbME0WMPoZvZhNaBQpPGvPdvMLXG10boXTH1DahXLJ1Fm86hPc7Uu3qvhbLhn1vz3wKB7WTs3S4NPgyVq0mll1%2FupjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e8986d6fa26700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=284FE48CD8174C86848521C8730295A1
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 30 Nov 2023 04:30:32 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 9262 0
355 B 38ms
38ms Image
image/avif 54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 102F 46 KB
13 KB 27ms
26ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 04:30:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 23:38:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68848
Connection: keep-alive
Content-Length: 13236
Expires: Fri, 01 Dec 2023 23:38:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FB6C 0
42 B 99ms
23ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13487391&p=156857&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:31 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 9CA9 0
344 B 49ms
32ms Image
image/avif 54.76.1.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=6332776240204533298&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.1.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-1-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 9CA9
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3835336827270385357&gdpr=0&gdpr_consent=

0
34 B

20ms
19ms

Image
text/plain

18.195.110.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3835336827270385357&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 18.195.110.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3835336827270385357&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 9CA9
Redirect Chain

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=r2Y5Uq9iOVO0Mm1YoTEiWK8wNwm0aj4K_WF3iAeW

43 B
163 B

122ms
14ms

Image
image/gif

89.149.192.201
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=r2Y5Uq9iOVO0Mm1YoTEiWK8wNwm0aj4K_WF3iAeW
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 89.149.192.201 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:32 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=r2Y5Uq9iOVO0Mm1YoTEiWK8wNwm0aj4K_WF3iAeW
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204
No Content /
b1sync.zemanta.com/usersync/smart/ Frame 9CA9 0
64 B 183ms
90ms Image
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 04:30:32 GMT

GET
H2

200

/
wt.rqtrk.eu/ Frame 9CA9
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3835336827270385357&gdpr_pd=0&gdpr=0&gdpr_consent=

43 B
350 B

87ms
23ms

Image
image/gif

141.95.32.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3835336827270385357&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 141.95.32.71 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: haproxy-eu-006.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Fri, 01 Dec 2023 04:30:31 GMT

Redirect headers

location: https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=3835336827270385357&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9503 16 KB
6 KB 22ms
20ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=70616
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 01 Dec 2023 04:30:32 GMT
expires: Sat, 02 Dec 2023 00:07:28 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame BDC3
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZWlhaAC2lfCI94rAs.o3ggAA%265260

0
765 B

58ms
57ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZWlhaAC2lfCI94rAs.o3ggAA%265260
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e8986edcb018f5-FRA
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9%2FJ1rO3HJ0dI1nuelqFsgPCzj7YZrFTqNq%2FUMDdOXVCv5%2BX4p2Y3Dcolixe%2FHVqR0q2f6oFo9IruOQOeJIxvug%2FBsrxqClN9AvKiYY8%2B9xbBlEf3xIke%2B3WDmJ9TPlQSlpzNDae"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZWlhaAC2lfCI94rAs.o3ggAA%265260
cache-control: no-cache
cf-ray: 82e8986e8b1a0e88-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame BDC3 0
104 B 103ms
31ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 22CF 7 B
380 B 124ms
22ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame BDC3 0
239 B 88ms
20ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 59E2 7 B
380 B 37ms
20ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BDC3 70 B
148 B 35ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:30:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 102F 7 B
380 B 21ms
21ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2

200

0.gif Show response
id5-sync.com/i/495/ Frame 69F1
Redirect Chain

https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpb...

43 B
921 B

154ms
23ms

Document
image/gif

162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Requested by

Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 01 Dec 2023 04:30:33 GMT
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length: 494
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 04:30:33 GMT
expect-ct: max-age=0
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=pbs-ozone&callback=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 server_match
ad2.360yield.com/ Frame BDC3 43 B
199 B 164ms
31ms Image
image/gif 34.255.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.255.40.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-40-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 04:30:33 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame BDC3
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=770be4cc-48a4-48ea-823a-61cd039ba4e1

0
896 B

60ms
59ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=770be4cc-48a4-48ea-823a-61cd039ba4e1
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e89875091e18f5-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=770be4cc-48a4-48ea-823a-61cd039ba4e1
date: Fri, 01 Dec 2023 04:30:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200 pbs-user-sync Show response
ads.stickyadstv.com/ Frame 1B7E 322 B
753 B 591ms
22ms Document
text/html 2607:ae80:192:1::172

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::172 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Date: Fri, 01 Dec 2023 04:30:34 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
x-sticky-vk: 1701405034077098-401

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 6892
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?pbs=true
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f43379bf26d7b6dca624e1ee6f3aef19&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1031_7309178828536227718&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?userId=AAAs5U7K0sMAABSguLs8dQ&dataProviderId=817&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0

70 B
148 B

32ms
32ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Requested by: Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.stickyadstv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 01 Dec 2023 04:30:34 GMT
server: Kestrel

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Fri, 01 Dec 2023 04:30:34 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1701405034514098-380

GET
H2 200 setuid Show response
elb.the-ozone-project.com/ Frame E266 0
970 B 59ms
59ms Document
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by: Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.stickyadstv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e898792bac18f5-FRA
content-length: 0
date: Fri, 01 Dec 2023 04:30:34 GMT
expires: 0
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame BDC3
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?uid=AAAs5U7K0sMAABSguLs8dQ&bidder=beeswax

0
961 B

60ms
59ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?uid=AAAs5U7K0sMAABSguLs8dQ&bidder=beeswax
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e8987c4e5e18f5-FRA
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?uid=AAAs5U7K0sMAABSguLs8dQ&bidder=beeswax
Date: Fri, 01 Dec 2023 04:30:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame BDC3
Redirect Chain

https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_priv...
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone

0
985 B

59ms
58ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:30:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 82e8987d1ef418f5-FRA
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 04:30:35 GMT
Content-Type: text/html; charset=utf-8
Location: https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 178
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame A6E9 0
0 33ms
13ms Document
text/plain 46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1701405032087&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

date: Fri, 01 Dec 2023 04:30:35 GMT

POST rum
elb.the-ozone-project.com/cdn-cgi/ Frame BDC3 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pinturillo2.com/	1970-01-21 02:12:45	Name: _ga_HK2QY2JTE8 Value: GS1.1.1701405028.1.0.1701405028.0.0.0
.pinturillo2.com/	1970-01-21 02:12:45	Name: _ga Value: GA1.2.815619282.1701405028
.pinturillo2.com/	1970-01-20 16:38:11	Name: _gid Value: GA1.2.65001498.1701405029
.pinturillo2.com/	1970-01-20 16:36:45	Name: _gat_gtag_UA_6337473_3 Value: 1
.script.ac/	1970-01-20 16:36:46	Name: __cf_bm Value: ZAWGFJatBsmcEKastLMZm_suHEukejF_21KiHDBR0U8-1701405029-0-AXuxgmU1fHZDkB2Ajzq7G+Z44nxZ32zHCgy3V4+zKZ5jggVDKEijs0I5Uqj7zcvVISXVI6fMmWJnqpN1vsxsAtQ=
.rubiconproject.com/	1970-01-21 01:22:21	Name: khaos Value: LPM4MKLO-1Z-6YK4
.rubiconproject.com/	1970-01-21 01:22:21	Name: audit Value: 1\|naVuGyos1qo0ZHjWDjFwAXMylPn9loes1z8yuimHAOJ4B+ayZ+GoLl9JutTWMBSBE5gfrFwbdMo1vkRsRGN5OvPzJ6cr+j5/FThqR8+WGPjEyVNLdBbxACKPLRELhl3x0A+VO7RH1E0=
.adnxs.com/	1970-01-20 18:46:21	Name: icu Value: ChgIzYVEEAoYASABKAEw6MKlqwY4AUABSAEQ6MKlqwYYAA..
.adnxs.com/	1970-01-20 18:46:21	Name: uuid2 Value: 3402031402323856551
.the-ozone-project.com/	1970-01-20 16:36:46	Name: __cf_bm Value: ok90tlMZqYclfAyGzALAThDrWXbjqb5CzpCobvFTb3s-1701405032-0-ASuu7oUm+AtAGrx2Qd84ahiQVz2fE1oFlY3dIXj3JTQEoU/kFPD37i5r7Ceo/0+Re4Y9zNkxUMYSHIqjNs/TaP4=
.the-ozone-project.com/	1970-01-20 18:46:21	Name: ozone_uid Value: 2YvTPrySu02KzYy7BG9ddHgsxZG
.lijit.com/	1970-01-21 01:22:21	Name: ljt_reader Value: HvxOrRZHXagg3ItfQ4qadTSz
.servenobid.com/	1970-01-20 16:46:49	Name: pid_312 Value: 3402031402323856551
prebid.a-mo.net/	1970-01-20 16:36:45	Name: _Amc_b Value: 0
.casalemedia.com/	1970-01-21 01:22:21	Name: CMID Value: ZWlhaAC2lfCI94rAs.o3ggAA
.casalemedia.com/	1970-01-20 18:46:21	Name: CMPS Value: 5260
.casalemedia.com/	1970-01-20 18:46:21	Name: CMPRO Value: 5260
.lijit.com/	1970-01-21 01:22:21	Name: _ljtrtb_273657 Value: 273657
.gumgum.com/	1970-01-21 01:22:21	Name: vst Value: e_b9ba27f0-297b-47d8-99da-d30b551d7695
.servenobid.com/	1970-01-20 16:46:49	Name: pid_310 Value: HvxOrRZHXagg3ItfQ4qadTSz
.turn.com/	1970-01-20 20:55:57	Name: uid Value: 8976263294276042660
.servenobid.com/	1970-01-20 16:46:49	Name: pid_309 Value: e_b9ba27f0-297b-47d8-99da-d30b551d7695
.servenobid.com/	1970-01-20 16:46:49	Name: pid_333 Value: ZWlhaAC2lfCI94rAs-o3ggAAFIwAAAAB
.1rx.io/	1970-01-21 01:22:21	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003%22%7D
.openx.net/	1970-01-21 01:22:21	Name: i Value: 8257f6b2-e436-4848-a12e-26ce752568e1\|1701405032
.bidswitch.net/	1970-01-21 01:22:21	Name: tuuid Value: 770be4cc-48a4-48ea-823a-61cd039ba4e1
.bidswitch.net/	1970-01-21 01:22:21	Name: c Value: 1701405032
.bidswitch.net/	1970-01-21 01:22:21	Name: tuuid_lu Value: 1701405032
.creativecdn.com/	1970-01-21 01:22:21	Name: u Value: aRLAcAK5cVSfJztn3x3I
.creativecdn.com/	1970-01-21 01:22:21	Name: g Value: aRLAcAK5cVSfJztn3x3I_1701405032507
.creativecdn.com/	1970-01-21 01:22:21	Name: ts Value: 1701405032
.ads.pubmatic.com/	1970-01-20 16:38:11	Name: KCCH Value: YES
.rfihub.com/	1970-01-21 01:58:21	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsjAxN7IwNjA1NxXiM9TNzS6pMDUtLtPV9fAFAF5Bw90lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwsjAxN7IwNjA1NxXiM9TNzS6pMDUtLtPV9fAFAF5Bw90lAAAA
.rfihub.com/	1970-01-21 01:58:21	Name: eud Value: H4sIAAAAAAAA__vFyGtobmBoYmBqYGxkamgJAFpY_Y8QAAAA
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4035990d765562a4
.simpli.fi/	1970-01-21 01:23:47	Name: suid Value: 284FE48CD8174C86848521C8730295A1
.adsby.bidtheatre.com/	1970-01-20 16:46:49	Name: __kuid Value: cb909d12-5f8f-411e-bf41-49c3fc8541dc.470619032
.adform.net/	1970-01-20 17:21:23	Name: C Value: 1
.targeting.unrulymedia.com/	1970-01-21 01:22:21	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003%22%7D
.servenobid.com/	1970-01-20 16:46:49	Name: pid_324 Value: 5144588527800874570
.servenobid.com/	1970-01-20 16:46:49	Name: pid_353 Value: 0000EEA
.adform.net/	1970-01-20 18:03:09	Name: uid Value: 4352546796036031277
.servenobid.com/	1970-01-20 16:46:49	Name: pid_321 Value: RX-ca5fb6e4-e325-4f3c-bc56-b95dca14bb94-003
.doubleclick.net/	1970-01-21 01:58:21	Name: IDE Value: AHWqTUnhXNka6HrF5odAc7lAzoP9RQ9mJlLM8dIl8OXAJcQUnEy-A9mF3H5G8ps-47o
.smartadserver.com/	1970-01-21 02:06:59	Name: pid Value: 3835336827270385357
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8680\|ZWlha
.disqus.com/	1970-01-21 01:22:21	Name: zeta-ssp-user-id Value: ua-c9f7d61f-f6ac-3e6b-bbc2-b88695dee598
.servenobid.com/	1970-01-20 16:46:49	Name: pid_317 Value: 6332776240204533298
.servenobid.com/	1970-01-20 16:46:49	Name: pid_346 Value: ua-c9f7d61f-f6ac-3e6b-bbc2-b88695dee598
.quantserve.com/	1970-01-20 18:46:21	Name: d Value: EAIBDQHHKoir0QA
.quantserve.com/	1970-01-21 02:06:59	Name: mc Value: 65696168-ab38b-36c8b-91ad2
.smartadserver.com/	1970-01-21 01:23:47	Name: csync Value: 150:0
sync.srv.stackadapt.com/	1970-01-21 01:22:21	Name: sa-user-id Value: s%3A0-80dc48f5-e2c3-5d5d-7b5d-0ac1cc4cd6ce.m1Tbrc6UiHZy76MbjxAMH%2FQ531M6jJlRbasalUymDHI
.srv.stackadapt.com/	1970-01-21 01:22:21	Name: sa-user-id Value: s%3A0-80dc48f5-e2c3-5d5d-7b5d-0ac1cc4cd6ce.m1Tbrc6UiHZy76MbjxAMH%2FQ531M6jJlRbasalUymDHI
sync.srv.stackadapt.com/	1970-01-21 01:22:21	Name: sa-user-id-v2 Value: s%3AgNxI9eLDXV17XQrBzEzWzl_TX_I.ZmZGGCjC3nGQSbNoiQwh%2F6YFZ4AjIZBBKwpGGgh1n3E
.srv.stackadapt.com/	1970-01-21 01:22:21	Name: sa-user-id-v2 Value: s%3AgNxI9eLDXV17XQrBzEzWzl_TX_I.ZmZGGCjC3nGQSbNoiQwh%2F6YFZ4AjIZBBKwpGGgh1n3E
sync.srv.stackadapt.com/	1970-01-21 01:22:21	Name: sa-user-id-v3 Value: s%3AAQAKIA16en0owP3cFMEeFDSkXgwzZkx6r1ZpIvCFFjM7oPwXEHwYBCDowqWrBjABOgSVjvJGQgRkpfFs.WyIcD0S%2FRMlXTzHwbugOWTR2GzU1G06woVRliB4lac4
.srv.stackadapt.com/	1970-01-21 01:22:21	Name: sa-user-id-v3 Value: s%3AAQAKIA16en0owP3cFMEeFDSkXgwzZkx6r1ZpIvCFFjM7oPwXEHwYBCDowqWrBjABOgSVjvJGQgRkpfFs.WyIcD0S%2FRMlXTzHwbugOWTR2GzU1G06woVRliB4lac4
.ipredictive.com/	1970-01-21 01:22:21	Name: cu Value: 2afa8cb6-169a-44bc-bc35-b759cc315691\|1701405032822
.zemanta.com/	1970-01-21 01:22:21	Name: zuid Value: ppLZszKqHkWqeEzkOk1N
.amazon-adsystem.com/	1970-01-20 21:43:28	Name: ad-id Value: A6EYJ5J1V077rgBFhDqXM9g
.amazon-adsystem.com/	1970-01-21 02:12:45	Name: ad-privacy Value: 0
.rqtrk.eu/	1970-01-20 16:46:49	Name: browser_id Value: 1:17baa82a-d4bd-427b-9342-fe9347b73e0b
.the-ozone-project.com/	1970-01-20 18:46:21	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJncmlkIjp7InVpZCI6Ijc3MGJlNGNjLTQ4YTQtNDhlYS04MjNhLTYxY2QwMzliYTRlMSIsImV4cGlyZXMiOiIyMDIzLTEyLTE1VDA0OjMwOjMzLjc5MDc1MjYwNVoifSwiaXgiOnsidWlkIjoiWldsaGFBQzJsZkNJOTRyQXMubzNnZ0FBXHUwMDI2NTI2MCIsImV4cGlyZXMiOiIyMDIzLTEyLTE1VDA0OjMwOjMyLjc5MzM2MTcyNVoifSwic21hcnQiOnsidWlkIjoiNjQ2NTE2ODY2NzIzMzI3NTU0NiIsImV4cGlyZXMiOiIyMDIzLTEyLTE1VDA0OjMwOjMyLjYzOTkxOTIyMVoifX0sImJkYXkiOiIyMDIzLTEyLTAxVDA0OjMwOjMyLjYzOTkxNTcyMVoifQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad2.360yield.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ap.lijit.com
api.adinplay.com
api.btloader.com
api.cmp.inmobi.com
api.poki.com
b1h-euc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.jsdelivr.net
ce.lijit.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cms.quantserve.com
code.createjs.com
config.aps.amazon-adsystem.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
devs-api.poki.com
dsum-sec.casalemedia.com
elb.the-ozone-project.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
game-cdn.poki.com
geo.poki.io
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
public.servenobid.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
usersync.gumgum.com
wt.rqtrk.eu
www.google-analytics.com
www.googletagmanager.com
www.pinturillo2.com
x.bidswitch.net
elb.the-ozone-project.com
104.18.219.15
104.18.43.178
104.22.75.216
108.138.1.25
108.138.9.235
13.32.27.7
130.211.23.194
141.95.32.71
142.250.185.66
142.250.186.70
145.40.97.66
162.19.138.83
169.197.150.8
172.64.151.101
18.134.84.16
18.158.216.196
18.195.110.104
18.197.187.29
18.235.74.4
185.184.8.90
185.64.189.112
185.86.138.151
188.114.96.3
188.166.17.21
193.0.160.131
198.47.127.19
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
211.120.53.200
213.227.153.222
216.52.2.16
216.52.2.48
23.201.255.110
23.35.228.23
23.35.236.188
23.35.236.201
2600:9000:2057:600:1f:4c18:bd40:93a1
2600:9000:214f:aa00:1b:cadc:ef40:93a1
2600:9000:2644:ee00:9:46dc:4700:93a1
2602:803:c003:200::51
2606:4700:20::681a:2e8
2606:4700:20::681a:346
2606:4700:20::ac43:4bf1
2606:4700:4400::ac40:994e
2606:4700::6810:3865
2606:4700::6810:5914
2606:4700::6811:9325
2606:4700::6812:1691
2607:ae80:192:1::172
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:82f::2002
2a02:26f0:780::210:a440
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
3.75.62.37
34.203.168.193
34.255.245.69
34.255.40.44
34.95.69.49
35.204.158.49
35.244.159.8
37.157.3.26
37.252.171.85
46.228.174.117
51.89.9.253
52.210.15.1
52.210.176.42
52.223.40.198
52.30.181.208
52.46.130.91
54.161.205.127
54.209.112.6
54.76.1.136
69.166.1.67
69.173.144.139
69.173.144.165
70.42.32.255
77.245.57.72
81.17.55.122
89.149.192.201
95.101.149.233
99.86.4.71
057fe361fb258822cfc4bec2e7dc17eb3a2a56c477091856e76e53279599b1b3
0627def17611f18048e850f22d00f1702991b741d36ba15c6e4de100271d6bd5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da0fa72fcbab824028965811c1c6893546d11a85e690bdc95d5daec5d4dd48a
10c96e722ab67adda3fac5cfc59323067e01a1b1cc7b13b27262ee3736009df6
194346de2123e8dc6ac7b9f63a35b2e31a87d3028a6a34fd11550d9d15d37b6b
199bddebea6425f9e6ce0b4edb0776f4809cf27eca26df108b67052f06caa0eb
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2090fd7a1e65a23aa5daeb05a0ae69dd42cc4c60d407717cc50a031c4b5a1758
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
308b52631cdbecdbe1643baacffdfa0c3c4b084cddd87f59be8ba240e4dc8ec4
345e266210fd1988d4a70630c3730b28277d82ea76e5533901fe7b4c3c72e416
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e230519e9e6bd75dce131497e7a0aa2ae9d1136732f66a0ebb6bdff88c8c875
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406448769d3f734b29da1f99563a0757dc7b40f8e1dc6e0dc87f1f07cc8cbb30
41328397cc4fcbfc073eaf90ac56dbf629a69a24b490159d827b32f3324cface
425c35409b1a348cf163040bd6440dffb4d9ffba0d137b3d6c1348bda80b7257
44b73f0e80b55094b02ae34777b94b16fc26d77d9dcea6ab616b7cbd4a868d45
4833cf6a43e6a5ad628793f1737068c2a225df32cf8834c84e3191c8d5d12d48
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4c3b5670a01f6506988a281dce6afe452f48831f72c60671e40e147b0098fde1
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e84df5c3072a47db21020cfdd0daa84c31e314ca97cb9782e5ecca1011144c4
50965cf46d97261168caeec028aa1abadc223637d8de3e91f6661baab97a7041
527dcd7b35313805b08d03c304051f867afb8033ab123e6a575a3d9331a4e9f4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5793ae2fff25300ee13907746b024508a87ab90cfc9acbba42079ae9fbf4fcb0
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f84870c5784078c4dc10c19efab698b56d8aa412d3b1b9d3e52dd2ea7b81c4a
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b77f34729477d94434e9bd66665d99c56a9194f8142fe2dc1383c492dc375c9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6f79c8c1b0f1d4d9dd7c1d25a524946cfaa3d744f44119fb2d6e1196de390e
6ebea5f7ebaab8e2f493947e143b6c9a6734d230aa111ecf8ae83fa21afe09a1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78164210ecf4b4ea8c4e367a91fc620dfb222ce557c3b8836235a7badfb5c467
7f4b42dd1e22a1bdd89367dd28885c2458639394318f65939c0b29c142101a60
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8242cf3f05984b86c8be6b355026aa9d90da0d1a8170087e10a9f9f1bf24de88
869033bc075d8d55bd21ad79a0e7973a3f6be24d21c6dbf0bdd83131c3d6f4f8
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e77ebc52fd6462aa479ad3fca3d8731dc6d8c980fba9905958c42e22e8125a6
8edc9843ba3c1265cf8c6091972b665fd5a49c9aeab9c9475300203e7b21de49
94fe1d55ae21b6732c46db5cabfd70a040af149cadfa1235ff20852bf35966c6
95f13ef547b57b1795005a846598eae95cea14657486989c0a051343c7f283a4
9b895d5dd6bad4309956ebc2100019787940b0391e30432dac7ebc75fd6cc4c1
9cfcfe057d1a55db988e17d9cf12a8b215e40341040b6623a57ee9990d1cdc75
a7fd9431277d14034c3b19696a73dc91a59997673cdbba25adbdcf853550bc15
aacdd32e52f9e3a25c072439bda2d14baccfe2416dac4e64479516381e64b80d
ae4a44275e5ef3cf56cdab5109e975f65e0d41183da4ff0d397cf142a031d4bf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b75241bb66fff0353a92342d1f4ee366803a5110850f7131c239bdca4e20e5e7
b912904c142f6d6bd66fc8822b2500a574db2c6d32b2352d3729948a05c728b5
b9d15cc66955efe9ad2f4eea7125cd1bfa50691bd9ac07d03949cce47fa0d65d
be360e5c28eb29c92a2b5ad2c14a0bc60b7a939696531f8e924b7ddd9e95daa1
c10214337f6946c6c76ecce923a825961d40f2c879f38140c67ae7afe6ae2944
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6d4267ce2b0bb371dbd53ef71383204bc73ed66355a130091695bc68aa49f36
c6f7b4f3819e106b39730750ee067954c6cf0e0b16c7c8728bcaff0527db2129
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03670b969b98046a686b56bbf289cf501c880ddc360d870e452587c2fcd01af
d09055e38c04120b7763197b4dcfdf4f23877a24f13f9818fc59436384bf381c
d1a3412b3379f41686f2e6bd0d48ef1ac4a79b8ec092aad58dcfb3c6aa25b72d
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d623fdc02b5c02ded44079263dc167022ac7b0f3598e9bae0dd4e4d106121340
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da8f8ab7f8cff2efc4cabf5f7392f354fbeedc445f6052c089b2e48a6f2311fd
dac42067501d04dc982256c9b02e3264f08f6ec98d4239270f0846ad4c04c212
dc7f783327a4f44f84a12c93bc0d32bceeb800bc96a911dd4295e592eef2ac2f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
e215c459f6b636decefe1e4bb3999a3ba5798248e6868ade99ec4e30c9acfc4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445ddc0b5c15f3cd8b3cb7bdc0a8f8c8ca8f0a832f3c91107573dc927ab7143
e6b03aa5ff03b0053d9a4ad9667bdbcad2ecd9cb13864ecaf56075da2a06178a
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec6598b5d0a2de70ab7598251a8668401b011b89c253faed9168f9bd5df67294
f02f250ed8982087165160ca06daabbf999b6260a40e84e9ccbeadfc542fe272
f37117e5ba23d38f778ccccae2bb565cac003f56871ed9ecfb8b05174de19069
f4aa3f1a9964a9c3343e0093b7c123e1a88d52e00a253ae84cd912684b65b4d6
f9c2606c430ae68530fdbc2da88ae96df3482c73b52ca6627f5b23e662fd27e6
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb

www.pinturillo2.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

82 %HTTPS

26 %IPv6

63 Domains

95 Subdomains

65 IPs

10 Countries

1447 kBTransfer

4621 kBSize

65 Cookies

8 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pinturillo2.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

82 %
HTTPS

26 %
IPv6

63
Domains

95
Subdomains

65
IPs

10
Countries

1447 kB
Transfer

4621 kB
Size

65
Cookies

173 HTTP transactions
0 data transactions