venom.com Open in urlscan Pro
72.32.138.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://venom.com/c
Effective URL:
http://venom.com/c
Submission: On August 24 via manual (August 24th 2022, 4:23:59 pm UTC) from FR — Scanned from FR

Summary HTTP 147 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 71 IPs in 11 countries across 81 domains to perform 147 HTTP transactions. The main IP is 72.32.138.96, located in United States and belongs to RMH-14, US. The main domain is venom.com.

This is the only time venom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	72.32.138.96 72.32.138.96	33070 (RMH-14) (RMH-14)
2	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	178.79.242.57 178.79.242.57	22822 (LLNW) (LLNW)
2 4	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2 4	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
1	96.16.135.39 96.16.135.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.189.116 52.210.189.116	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 4	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1389	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3 16	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1 2	52.58.39.37 52.58.39.37	16509 (AMAZON-02) (AMAZON-02)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.157.60.148 18.157.60.148	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	3.127.94.112 3.127.94.112	16509 (AMAZON-02) (AMAZON-02)
1 2	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 8	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
4 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
8 8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2 3	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.30.246.43 52.30.246.43	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	34.240.147.141 34.240.147.141	16509 (AMAZON-02) (AMAZON-02)
1	52.218.80.44 52.218.80.44	16509 (AMAZON-02) (AMAZON-02)
1 1	15.235.15.221 15.235.15.221	16276 (OVH) (OVH)
2 3	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	139.162.159.252 139.162.159.252	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.169 51.77.65.169	16276 (OVH) (OVH)
1 1	91.210.226.73 91.210.226.73	48314 (IP-PROJECTS) (IP-PROJECTS)
2	52.31.151.225 52.31.151.225	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.222.214.74 52.222.214.74	16509 (AMAZON-02) (AMAZON-02)
2 3	52.23.73.66 52.23.73.66	14618 (AMAZON-AES) (AMAZON-AES)
3 3	34.253.74.200 34.253.74.200	16509 (AMAZON-02) (AMAZON-02)
2 2	3.64.108.197 3.64.108.197	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.121.253.223 3.121.253.223	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.47.209.72 23.47.209.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:223... 2600:9000:223f:9000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
2	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
1 30	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
4	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2 2	3.127.124.165 3.127.124.165	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:bf1f:4380:1bf2:c0ae	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.222.237.72 52.222.237.72	16509 (AMAZON-02) (AMAZON-02)
1	54.225.217.42 54.225.217.42	14618 (AMAZON-AES) (AMAZON-AES)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	3.209.91.249 3.209.91.249	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	3.124.40.150 3.124.40.150	16509 (AMAZON-02) (AMAZON-02)
1 1	3.73.240.107 3.73.240.107	16509 (AMAZON-02) (AMAZON-02)
1	54.164.129.77 54.164.129.77	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	45.79.180.191 45.79.180.191	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
147	71

1 72.32.138.96 (United States)

ASN33070 (RMH-14, US)

venom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.79.242.57 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-57.fra.llnw.net

i.annihil.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.37 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.72 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.189.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-189-116.eu-west-1.compute.amazonaws.com

marvel.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.7.201.234 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

9096304.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1389 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.248 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.39.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-39-37.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.60.148 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-60-148.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.136 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.94.112 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-94-112.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.132.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.243.60.138 (Aalborg, Denmark) 7 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.246.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.147.141 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-147-141.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.80.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.15.221 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1957 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.159.252 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1426-252.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.169 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags11.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.73 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.151.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-151-225.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-74.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.23.73.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-73-66.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.253.74.200 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.108.197 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-197.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Waldshut-Tiengen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.253.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-253-223.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Cranford, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Tamm, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:9000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.124.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-124-165.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:bf1f:4380:1bf2:c0ae (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.237.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-237-72.fra56.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.217.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-217-42.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.91.249 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-91-249.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.40.150 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-40-150.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.240.107 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-240-107.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.129.77 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-129-77.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.180.191 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-16.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 282	24 KB
21	adform.net 5 redirects a2.adform.net — Cisco Umbrella Rank: 6381 s2.adform.net — Cisco Umbrella Rank: 6283 c1.adform.net — Cisco Umbrella Rank: 612 dmp.adform.net — Cisco Umbrella Rank: 5038	43 KB
12	doubleclick.net 9 redirects 9096304.fls.doubleclick.net — Cisco Umbrella Rank: 401853 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	5 KB
8	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1070 se.semasio.net — Cisco Umbrella Rank: 28982	5 KB
8	annihil.us i.annihil.us — Cisco Umbrella Rank: 179161	208 KB
7	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 secure.adnxs.com — Cisco Umbrella Rank: 463	7 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 4846 tags.adsafety.net — Cisco Umbrella Rank: 154392	10 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 512 h.clarity.ms — Cisco Umbrella Rank: 5337 c.clarity.ms — Cisco Umbrella Rank: 954	26 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 972	1 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 928	73 KB
4	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1363 load77.exelator.com — Cisco Umbrella Rank: 3270 loadus.exelator.com — Cisco Umbrella Rank: 1163	3 KB
4	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	4 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278 cms.analytics.yahoo.com — Cisco Umbrella Rank: 796	803 B
4	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 509 tags.bluekai.com — Cisco Umbrella Rank: 486	1 KB
4	scorecardresearch.com 2 redirects b.scorecardresearch.com — Cisco Umbrella Rank: 4035 sb.scorecardresearch.com — Cisco Umbrella Rank: 146	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	171 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 346 c.bing.com — Cisco Umbrella Rank: 204	13 KB
3	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	3 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2195	5 KB
3	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 672 image2.pubmatic.com — Cisco Umbrella Rank: 877 image6.pubmatic.com — Cisco Umbrella Rank: 634	465 B
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 515 usermatch.krxd.net — Cisco Umbrella Rank: 1240	697 B
3	zeotap.com 2 redirects spl.zeotap.com — Cisco Umbrella Rank: 1891 mwzeom.zeotap.com — Cisco Umbrella Rank: 1478	992 B
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 310	550 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	rubiconproject.com 2 redirects token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel.rubiconproject.com — Cisco Umbrella Rank: 327	867 B
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1320 match.adsrvr.org — Cisco Umbrella Rank: 371 insight.adsrvr.org — Cisco Umbrella Rank: 610	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	1 KB
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1174 lm.serving-sys.com — Cisco Umbrella Rank: 1840	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1641	1 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 517	578 B
2	t.co t.co — Cisco Umbrella Rank: 489	548 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 968	17 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 464	582 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 13833	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11065	528 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 783	1 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 461	974 B
2	openx.net eu-u.openx.net — Cisco Umbrella Rank: 1992 us-u.openx.net — Cisco Umbrella Rank: 399	418 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 728	573 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1005	1 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 2193	1020 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 652	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 1406	692 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 671	827 B
2	google.fr www.google.fr — Cisco Umbrella Rank: 16286	656 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	499 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	111 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 445	56 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 984	169 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2184	344 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2810	612 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 929	633 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5166	418 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1819	122 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2288	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2164	935 B
1	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5125	183 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 606	15 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1258	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 418	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23230	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 740	240 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1030	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 508	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1758	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1558	456 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 19469	444 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 38685	849 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3653	400 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 25066	406 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 949	344 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 600	163 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1430	360 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 19356	344 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
1	omtrdc.net marvel.tt.omtrdc.net — Cisco Umbrella Rank: 323322	531 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 3468	16 KB
1	venom.com venom.com	13 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
147	81

	Domain	Requested by
30	s.amazon-adsystem.com	1 redirects a2.adform.net s.amazon-adsystem.com
13	c1.adform.net	3 redirects a2.adform.net c1.adform.net
8	cm.g.doubleclick.net	8 redirects
8	i.annihil.us	venom.com i.annihil.us
5	cm.adsafety.net	4 redirects c1.adform.net
4	tr.snapchat.com	sc-static.net a2.adform.net
4	analytics.tiktok.com	a2.adform.net analytics.tiktok.com
4	ib.adnxs.com	4 redirects
4	se.semasio.net	3 redirects c1.adform.net
4	uipglob.semasio.net	4 redirects
4	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
4	a2.adform.net	2 redirects venom.com a2.adform.net
3	dmp.adform.net	c1.adform.net
3	dpm.demdex.net	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	tags.bluekai.com	1 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	dsum-sec.casalemedia.com	2 redirects c1.adform.net
3	x.bidswitch.net	3 redirects
3	ups.analytics.yahoo.com	2 redirects c1.adform.net
3	sb.scorecardresearch.com	2 redirects venom.com
3	bat.bing.com	venom.com bat.bing.com
2	c.clarity.ms	1 redirects
2	sync.search.spotxchange.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	analytics.twitter.com	a2.adform.net
2	t.co	a2.adform.net
2	sc-static.net	a2.adform.net sc-static.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	aa.agkn.com	2 redirects
2	beacon.krxd.net	c1.adform.net s.amazon-adsystem.com
2	mwzeom.zeotap.com	1 redirects c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	cm.mgid.com	1 redirects c1.adform.net
2	ads.stickyadstv.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	token.rubiconproject.com	1 redirects c1.adform.net
2	ad.360yield.com	1 redirects c1.adform.net
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.fr	venom.com
2	www.google.com	venom.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.facebook.com	venom.com
2	9096304.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	venom.com connect.facebook.net
2	assets.adobedtm.com	venom.com assets.adobedtm.com
1	c.bing.com	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	image2.pubmatic.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	h.clarity.ms	www.clarity.ms
1	static.ads-twitter.com	a2.adform.net
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	js.adsrvr.org	a2.adform.net
1	a1.seadform.net	venom.com
1	adservice.google.com	9096304.fls.doubleclick.net
1	stags.bluekai.com	tags.bkrtx.com
1	www.googleadservices.com	www.googletagmanager.com
1	marvel.tt.omtrdc.net	assets.adobedtm.com
1	tags.bkrtx.com	assets.adobedtm.com
1	b.scorecardresearch.com	venom.com
1	s2.adform.net	venom.com
1	venom.com
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
147	108

This site contains links to these domains. Also see Links.

Domain
www.marvel.com
shop.marvel.com
disneytermsofuse.com
disneyprivacycenter.com
preferences-mgr.truste.com

Subject Issuer	Validity	Valid
i.annihil.us Entrust Certification Authority - L1K	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-03` - `2022-09-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2022-07-26` - `2022-10-24`	3 months	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://venom.com/c
Frame ID: E324FE9C561533FF5E11713F07410D9A
Requests: 40 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/56546?ret=html&phint=__bk_t%3DMarvel.com&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fvenom.com%2Fc&phint=__bk_v%3D3.1.10&limit=1&r=54195879
Frame ID: 6DE111E0BB906B32E667E56139F2FF58
Requests: 1 HTTP requests in this frame

Frame: https://9096304.fls.doubleclick.net/activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc
Frame ID: EB9EB8D9981C1D25D15278A9EB68FC90
Requests: 2 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc
Frame ID: 31668EA7AA06099873D355FFF3E0F291
Requests: 15 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Frame ID: 0992C6BEE08EEADF03CC6FAC8D929812
Requests: 46 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730&dcc=t
Frame ID: 1EEFAD909F3626AEA50F269C54234F62
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a677d388-f7e6-4d61-962a-62aed58aa812&u_scsid=0ac9195b-fcc0-4554-a344-b076fe83c9b1&u_sclid=7a261566-2365-4b2a-b91f-4985f712dbc0
Frame ID: 61B35D3CCDDEA64359404D2826D23673
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 18F32EB3EDEC88206DE55D6954B28287
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Frame ID: 44222074A7FD552F8A811456E3F45E33
Requests: 39 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=jp8nt4i&ref=http%3A%2F%2Fvenom.com%2F&upid=vww3fws&upv=1.1.0
Frame ID: 053886D48A517CD197900161B5874B98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marvel.com

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

59 %
HTTPS

15 %
IPv6

81
Domains

108
Subdomains

71
IPs

11
Countries

827 kB
Transfer

1969 kB
Size

116
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.marvel.com/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.marvel.com/

Search URL Search Domain Scan URL

URL: https://www.marvel.com/search

Search URL Search Domain Scan URL

URL: https://www.marvel.com/watch
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.marvel.com/characters
Title: Characters

Search URL Search Domain Scan URL

URL: https://www.marvel.com/comics
Title: Comics

Search URL Search Domain Scan URL

URL: https://www.marvel.com/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.marvel.com/tv-shows
Title: TV Shows

Search URL Search Domain Scan URL

URL: https://www.marvel.com/games
Title: Games

Search URL Search Domain Scan URL

URL: https://www.marvel.com/podcasts
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://shop.marvel.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://disneytermsofuse.com/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://disneyprivacycenter.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://disneyprivacycenter.com/notice-to-california-residents
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://disneyprivacycenter.com/kids-privacy-policy/english/
Title: Children's Online Privacy Policy

Search URL Search Domain Scan URL

URL: https://preferences-mgr.truste.com/?pid=disney01&aid=marvel01&type=marvel
Title: Internet-Based Ads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 6

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 17

https://sb.scorecardresearch.com/b?c1=2&c2=15266201&cs_it=b3&cv=3.8.0.210223&ns__t=1661358234215&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2Fc&c8=Marvel.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15266201&cs_it=b3&cv=3.8.0.210223&ns__t=1661358234215&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2Fc&c8=Marvel.com&c9=

Request Chain 26

https://9096304.fls.doubleclick.net/activityi;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc HTTP 302
https://9096304.fls.doubleclick.net/activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc

Request Chain 36

https://a2.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&loc=http%3A%2F%2Fvenom.com%2Fc HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&loc=http%3A%2F%2Fvenom.com%2Fc

Request Chain 44

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5021393057866936831&Expiration=1662567835 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5021393057866936831&Expiration=1662567835

Request Chain 47

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5021393057866936831&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5021393057866936831&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=d23255f403ca4a749d1472a2d68f9647 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=a88e2d4dcb3ffc472ed6d1ef77490ab210e762d77a96443d81264984c4a5b7a4

Request Chain 49

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5021393057866936831&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5021393057866936831&_origin=1&verify=true

Request Chain 51

https://x.bidswitch.net/sync?dsp_id=70&user_id=5021393057866936831 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5021393057866936831 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=4cbb613e-8b48-4f5d-a2b9-1bd060563049&gdpr=&consentData=&uspString= HTTP 307
https://cm.mgid.com/m?c=4cbb613e-8b48-4f5d-a2b9-1bd060563049&cdsp=433145&consentData=&gdpr=&uspString=&sct=1

Request Chain 52

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5021393057866936831&expiration=1662567835 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5021393057866936831&expiration=1662567835&C=1

Request Chain 53

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5021393057866936831&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5021393057866936831&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=5021393057866936831&gdpr=&gdpr_consent=&sInitiator=external HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fse.semasio.net%252Fsync%252F1%252F4354957%253FsExtCookieId%253D%2524UID%2526sInitiator%253Dinternal%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=56328670669442281&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NzA5QzhFNjQ1OURGQ0E5RA&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBDjrClWkr6ZU9nsvBIVxJ8&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEBDjrClWkr6ZU9nsvBIVxJ8&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=71d66306-509b-4600-af9a-9099b9082404&sInitiator=internal&gdpr=0&gdpr_consent=

Request Chain 55

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5021393057866936831 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5021393057866936831&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 56

https://idsync.rlcdn.com/398366.gif?partner_uid=5021393057866936831 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTAyMTM5MzA1Nzg2NjkzNjgzMRAAGg0Im6GZmAYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEELxDQr9fsbsgtg03IjlVpA&google_cver=1

Request Chain 57

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/gdpr_consent=

Request Chain 60

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 61

https://pixel.onaudience.com/?mapped=5021393057866936831&partner=68 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=c75ea1afbaa075d1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f1c88136-2755-4f56-4b0d-e2c9b03f3991&reqId=98a27e03-587a-4a4a-78cf-23fd2e8218ac&zcluid=c75ea1afbaa075d1&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMIufCF_vp7JXanC6gWnXlo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f1c88136-2755-4f56-4b0d-e2c9b03f3991&reqId=98a27e03-587a-4a4a-78cf-23fd2e8218ac&zcluid=c75ea1afbaa075d1&zdid=1332

Request Chain 62

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5021393057866936831 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12022082416a08354abb2da9ec46b7&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=c091b8d24089fe7fe3ba6c4daa4120da HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022082416a08354abb2da9ec46b7&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=c091b8d24089fe7fe3ba6c4daa4120da&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjA4MjQxNmEwODM1NGFiYjJkYTllYzQ2Yjc HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESELYqGBDLFzxfXX7UsSW3NTM&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022082416a08354abb2da9ec46b7 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5021393057866936831

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTAyMTM5MzA1Nzg2NjkzNjgzMQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMOG8IYb_ztj_PkJ98yzpAA&google_cver=1&google_ula=1641347,0

Request Chain 65

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=56328670669442281&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5021393057866936831

Request Chain 69

https://a.audrte.com/a?adform_uid=5021393057866936831 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESED_iMia22wyPEk9KShcrDEs&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 70

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5021393057866936831&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5021393057866936831&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=74892122384118107972416562787489154520&noredirect=1

Request Chain 71

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5021393057866936831 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003104253003395258

Request Chain 72

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7135479286281468053

Request Chain 74

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=71d66306-509b-4600-af9a-9099b9082404

Request Chain 75

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=99qDULBP1OqTaA5

Request Chain 79

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2753834832 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nJHjtPVpb/ZRBYlymTW4MO

Request Chain 81

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5021393057866936831 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5021393057866936831&cs=1

Request Chain 83

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5021393057866936831&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5021393057866936831&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=f6349bd0-bc3a-486b-9be8-bcd257fb5942

Request Chain 89

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730&dcc=t

Request Chain 106

https://ib.adnxs.com/setuid/a9?entity=188&code=Co4et0XGTu6Acx2ftRx6eg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Co4et0XGTu6Acx2ftRx6eg

Request Chain 107

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217003104253003395258&ex=neustar.biz

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=JBXAmvekQT-dm-7Oyhpuhg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwZQmyI-D6Op7LBUJJhaAQAA

Request Chain 109

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=fb3351de57e797ad9457faae5e84e3b9

Request Chain 110

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 111

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=7GwIfD6TR46FkObkjkpfLw HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7GwIfD6TR46FkObkjkpfLw

Request Chain 112

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4ed30039-96c3-42bd-9c33-fd4f9141263e

Request Chain 115

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=f1c88136-2755-4f56-4b0d-e2c9b03f3991

Request Chain 116

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=9ded9bed981af8b7bd3a8b3e82d323ac&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 117

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 121

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe16457bac348229

Request Chain 122

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=299HHGUxSZW7XbvbYLsWEw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=299HHGUxSZW7XbvbYLsWEw

Request Chain 123

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=ww7upzZ9Qdun3pmVd2oUoQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=74892122384118107972416562787489154520

Request Chain 124

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=Pi93lQPFSUaevcKhYStPow HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10820390686303665369&gdpr=&gdpr_consent=

Request Chain 126

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5021393057866936831

Request Chain 127

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=26bcf53b-23c9-11ed-9e51-199d37980206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=26bcf4fb-23c9-11ed-9e51-199d37980206

Request Chain 128

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f1b056e5-99b4-4864-8c57-69ce3ec6f905%22,%22Time%22:%2220220824T162356.380363%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f1b056e5-99b4-4864-8c57-69ce3ec6f905

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEN34sIw7b7EhUeuIhhMlRfw&google_cver=1

Request Chain 131

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=992f3eabc2e5b946ab29781964232417

Request Chain 133

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KlRnq3ILRdvZvvNgXf00NDc4ZHk4ZgIC

Request Chain 134

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=709C8E6459DFCA9D

Request Chain 135

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=56328670669442281&ex=appnexus.com

Request Chain 137

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=oKipUDcfrKv8H-HEsY0OHA&ex=rubiconproject.com&status=ok

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=57phGvccTV-MzWWFEwWPnA& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 140

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D9C5006636274138F02842F63

Request Chain 141

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=430eba9697f583bd5759093107ff5a89427fc3ad4d075e8cc409c3f93893018e

Request Chain 143

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=f9947e75-ee06-4764-882f-286df0aba9bd-tuct9ffd61c

Request Chain 145

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=7273FF36EE564171AED6D61B5CDD9860&RedC=c.clarity.ms&MXFR=022EF28D08736E6D0C5FE0870C7360DF HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=7273FF36EE564171AED6D61B5CDD9860&MUID=2D0CE87F7446632D0A68FA7575B362A5

147 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0 503
Service Unavailable Primary Request c Show response
venom.com/ 13 KB
13 KB 334ms
127ms Document
text/html 72.32.138.96
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://venom.com/c
Protocol: HTTP/1.0
Server: 72.32.138.96 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: BigIP /
Resource Hash: c0f1f135a2ae4d7a85ecdd329fca4d549b170f7599ade2c8b8c38c2cc851b36c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Length: 13264
Content-Type: text/html
Server: BigIP

GET
H/1.1 200
OK satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js Show response
assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/ 105 KB
28 KB 75ms
26ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e761cf0d058a8e35bec470e90841328ff169ccf3a2c803e9cfb67e907db693fc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 16:23:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Sep 2020 21:54:44 GMT
Server: AkamaiNetStorage
ETag: "aafcf0af03fe8eb62cc3271a44b5ebce:1599602084.817237"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://venom.com
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28111
Expires: Wed, 24 Aug 2022 17:23:53 GMT

GET
H2 200 main-628a0aed79.css
i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/ 35 KB
6 KB 191ms
26ms Stylesheet
text/css 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: a8d2652bbfcd895f59d7e9bb7095e5e8f67f002611001b50a761f64ae16b20f0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
last-modified: Wed, 27 Mar 2019 15:14:42 GMT
server: CloudStorage
age: 35567
x-agile-request-id: 136633742940f40553d91c1b11520e83, b56abe7cd8d5091bd84655e1cc3e8ac8
vary: Accept-Encoding
content-type: text/css
x-agile-checksum: a8d2652bbfcd895f59d7e9bb7095e5e8f67f002611001b50a761f64ae16b20f0
x-agile-source: 69.28.134.191:1987
x-agile-brick-id: 480531824
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5602
x-llid: 93e41bf342469837f5966edbb39dc791

GET
H2 200 jquery-3.3.1.min.js Show response
i.annihil.us/u/prod/marvel/i/js/ 85 KB
30 KB 190ms
26ms Script
application/javascript 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/i/js/jquery-3.3.1.min.js
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
last-modified: Fri, 06 Jul 2018 14:13:01 GMT
server: CloudStorage
age: 40769
x-agile-request-id: 99eb8b232157eeff1e6b0b8ba0e9a876, d12090706bf1dd065ace45d7e2fb54ca
vary: Accept-Encoding
content-type: application/javascript
x-agile-checksum: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
x-agile-source: 68.142.67.218:1987
x-agile-brick-id: 480529417
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30358
x-llid: 3ed7ead553d9586b87f8550743a85f11

GET
H2 200 main-ec0b804c01.js Show response
i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/js/ 2 KB
1 KB 113ms
25ms Script
application/javascript 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/js/main-ec0b804c01.js
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 5b67b4868edfa827e6c22ef20ed8d69c35163d76a84df51d7243b656822a1c33

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
last-modified: Tue, 17 Jul 2018 20:57:06 GMT
server: CloudStorage
age: 17003
x-agile-request-id: ce39baf1179426c23e910e0cf2bf6240, 0b231d507be3e588e0c7775f7b64c3a8
vary: Accept-Encoding
content-type: application/javascript
x-agile-checksum: 5b67b4868edfa827e6c22ef20ed8d69c35163d76a84df51d7243b656822a1c33
x-agile-source: 69.28.134.160:1987
x-agile-brick-id: 480531673
accept-ranges: bytes
access-control-allow-origin: *
content-length: 986
x-llid: 5c335ee3554f624397c3549010e01f2b

GET
H/1.1 200
OK satellite-5dadd6ed64746d2b1e006fbc.js Show response
assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/scripts/ 76 KB
28 KB 25ms
25ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/scripts/satellite-5dadd6ed64746d2b1e006fbc.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 34da65a434d76d99155ad82012f852c1a160574c61ce24864c95c4a78b30befa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 16:23:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Sep 2020 21:54:45 GMT
Server: AkamaiNetStorage
ETag: "bd3f83c1d9d5fba23a370bd48983476e:1599602085.813751"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://venom.com
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28011
Expires: Wed, 24 Aug 2022 17:23:54 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

192ms
36ms

Script
application/javascript

37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: H2
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx000000000000080e343a1-0063064267-323350c8-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 24 Aug 2022 16:23:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

38 KB
12 KB

112ms
40ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B51BC9E77F734FCB8B58A2F1AB235709 Ref B: AMBEDGE0712 Ref C: 2022-08-24T16:23:54Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 24 Aug 2022 16:23:53 GMT
accept-ranges: bytes
content-length: 11367

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 115ms
38ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26535
x-xss-protection: 0
pragma: public
x-fb-debug: U8uLX5yMKPc1PCveBqFtfXcj76d0djSoIxyJKvMDfwJ5gdHQp1P95AxPPCLSndrHlGcWgFEnPtajAyOfIzH97Q==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 24 Aug 2022 16:23:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661357765058
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 95ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-945804815

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47294431730e6090be04c72b6f7765233f267765c5218271fdf08cf27028c037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45733
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 4 KB
2 KB 77ms
23ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: HTTP/1.1
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 06:29:43 GMT
Content-Encoding: gzip
Age: 35657
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
Server: AmazonS3
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: 9LuqO9YFj3U_7QeZnFvu3h2ZKRQ2MoSEjxFgGW0vNp1n4QNMcRmf1w==

GET
H2 200 marvel.svg
i.annihil.us/u/prod/misc/ 886 B
984 B 25ms
24ms Image
image/svg+xml 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.annihil.us/u/prod/misc/marvel.svg
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 77ed783446d00b1e37a0b20884a60272fd27f68267035aafd40eece3bf746f27

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2017 16:59:38 GMT
server: CloudStorage
age: 20787
x-agile-request-id: d2fbbbe09bf016c0a3d40a18105931b9, a002d07bef7ae45d5634044010259cbc
vary: Accept-Encoding
content-type: image/svg+xml
x-agile-checksum: 77ed783446d00b1e37a0b20884a60272fd27f68267035aafd40eece3bf746f27
x-agile-source: 69.28.134.156:1987
x-agile-brick-id: 480531657
accept-ranges: bytes
access-control-allow-origin: *
content-length: 555
x-llid: b4cc01fe60b2a34cac99807315c7974a

GET
H2 200 maintenance.jpg
i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/images/ 90 KB
90 KB 26ms
24ms Image
image/jpeg 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/images/maintenance.jpg
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 6a02ab1864187a4cf7168813c2ae2e17b0f84cdd8b64e86914b73ba2a0d3d903

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
last-modified: Tue, 17 Jul 2018 20:57:03 GMT
server: CloudStorage
age: 22325
x-agile-request-id: a664ea9b146d6f144b9fc88ce573a3ba, 0dffe333e23fc762761d18fa2d10ce01
content-type: image/jpeg
x-agile-checksum: 6a02ab1864187a4cf7168813c2ae2e17b0f84cdd8b64e86914b73ba2a0d3d903
x-agile-source: 69.28.134.163:1987
x-agile-brick-id: 480531672
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92177
x-llid: e46164cf28fc94a59f57f41700b57219

GET
H2 200 03008527-67bd-478e-98e3-3b56dd9a6520.woff2
i.annihil.us/u/prod/marvel/s/fonts/terrigen/ 29 KB
29 KB 75ms
25ms Font
application/octet-stream 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/s/fonts/terrigen/03008527-67bd-478e-98e3-3b56dd9a6520.woff2
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 5c948def2b7a4453ae2f5c6bc1c7ba94f2d42b316da4ae1c82951f056948ebe3

Request headers

Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Origin: http://venom.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
last-modified: Thu, 21 Dec 2017 20:37:26 GMT
server: CloudStorage
age: 22325
x-agile-request-id: 76d1034e7a98fb89ef967bd30b786328, 8bbab39ace019f6b50c38c9505869961
content-type: application/octet-stream
x-agile-checksum: 5c948def2b7a4453ae2f5c6bc1c7ba94f2d42b316da4ae1c82951f056948ebe3
x-agile-source: 69.164.26.245:1987
x-agile-brick-id: 480531638
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29316
x-llid: ca56ba518cc0b34460cfd9ff00af9fdb

GET
H2 200 76b8cda6-0ded-4197-acab-e314297eb90f.woff2
i.annihil.us/u/prod/marvel/s/fonts/terrigen/ 24 KB
25 KB 100ms
49ms Font
application/octet-stream 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/s/fonts/terrigen/76b8cda6-0ded-4197-acab-e314297eb90f.woff2
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 252e0c85e488cc3574471ed7211571ad207f77426690a0ae8c1bd13fc4007cbb

Request headers

Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Origin: http://venom.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
last-modified: Thu, 21 Dec 2017 20:50:08 GMT
server: CloudStorage
age: 22325
x-agile-request-id: eb3b888fe28e36fb62336692670b6dab, 3648a68949dd1ffc10b5065de6cda083
content-type: application/octet-stream
x-agile-checksum: 252e0c85e488cc3574471ed7211571ad207f77426690a0ae8c1bd13fc4007cbb
x-agile-source: 208.111.190.232:1987
x-agile-brick-id: 480531682
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25080
x-llid: 8662373daf92268f5cf831d69b92d6cd

GET
H2 200 44e7b0fa-6c8d-43c2-b19e-f1e3ce9ea57c.woff2
i.annihil.us/u/prod/marvel/s/fonts/terrigen/ 24 KB
25 KB 99ms
48ms Font
application/octet-stream 178.79.242.57
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/s/fonts/terrigen/44e7b0fa-6c8d-43c2-b19e-f1e3ce9ea57c.woff2
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.57 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-57.fra.llnw.net
Software: CloudStorage /
Resource Hash: 606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e

Request headers

Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Origin: http://venom.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
last-modified: Thu, 21 Dec 2017 20:49:59 GMT
server: CloudStorage
age: 22325
x-agile-request-id: 2eacd84303a288e8185cd4ab7541868a, 5429586d43125f4305ee237cbcc2c1e9
content-type: application/octet-stream
x-agile-checksum: 606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e
x-agile-source: 68.142.67.222:1987
x-agile-brick-id: 480531847
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24988
x-llid: a337c3a486e0d6fb5fc9e3c254a5d67d

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 149ms
25ms Script
application/javascript 96.16.135.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-135-39.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://venom.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Wed, 24 Aug 2022 16:23:54 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Wed, 31 Aug 2022 16:23:54 GMT

GET
H/1.1 200 json Show response
marvel.tt.omtrdc.net/m2/marvel/mbox/ 96 B
531 B 105ms
34ms XHR
application/json 52.210.189.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://marvel.tt.omtrdc.net/m2/marvel/mbox/json?mbox=target-global-mbox&mboxSession=4f3d9c84b3e547f982df0f1ced22a4f4&mboxPC=&mboxPage=9b857a1bf2904da7814579525b750e22&mboxRid=be067058ef944c0eb10bf90395e97532&mboxVersion=1.8.0&mboxCount=1&mboxTime=1661358234192&mboxHost=venom.com&mboxURL=http%3A%2F%2Fvenom.com%2Fc&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/scripts/satellite-5dadd6ed64746d2b1e006fbc.js
Protocol: HTTP/1.1
Server: 52.210.189.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-189-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b417ac33be7f47360fe4c8cc9f7ed317235077d0eb3e648f13cd62bc7029eebe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:54 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: http://venom.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 96
X-Request-ID: be067058ef944c0eb10bf90395e97532

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15266201&cs_it=b3&cv=3.8.0.210223&ns__t=1661358234215&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2Fc&c8=Marvel.com&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=15266201&cs_it=b3&cv=3.8.0.210223&ns__t=1661358234215&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2Fc&c8=Marvel.com&c9=

0
190 B

23ms
23ms

Image
text/plain

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15266201&cs_it=b3&cv=3.8.0.210223&ns__t=1661358234215&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2Fc&c8=Marvel.com&c9=
Requested by: Host: venom.com
URL: http://venom.com/c
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: lTH1v_n4k-3ioLDBeF_HuR1DkzGyGMkcfh8rWzJitujcJnJwBnIAMg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=15266201&cs_it=b3&cv=3.8.0.210223&ns__t=1661358234215&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2Fc&c8=Marvel.com&c9=
date: Wed, 24 Aug 2022 16:23:54 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: 9JIRWtsGICqoMnFb8fHZxRaKUK4BowyaRqn8Lq8O9A-zvuCs3K5-XQ==
x-cache: Miss from cloudfront

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 163ms
85ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945804815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15682
x-xss-protection: 0
server: cafe
etag: 14097944420163075165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-925733351&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945804815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76b895796ba3227185f234d06d5dc99627e7121f9afc30b8e33a842ef90d59fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45668
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9096304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945804815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e102e38504ed809983860fbbb54449aff8623ff9ad1eebcffe81bbc71a6fbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41619
x-xss-protection: 0
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9096304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945804815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0978c65b094108a91eaa072e453fa99386ab2518e7958bb3a2573c4470182d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41618
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2 200 451745415265867 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 38ms
37ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/451745415265867?v=2.9.77&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efac46b38284140bd209eb750d50843d8c7de11b7238b1b5fadc83a22c20ce30

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86146
x-xss-protection: 0
pragma: public
x-fb-debug: /rg9xAvRd51lddunxKHAC4qnmCPC86C0BMc9VHEV7Qx8DGpwsGcJXeag5KVVnk1Aae0yr4nlDU5TzEYw94cFxg==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Wed, 24 Aug 2022 16:23:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661357814776
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 56004448.js Show response
bat.bing.com/p/action/ 1 KB
861 B 358ms
357ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56004448.js

Requested by

Host: bat.bing.com
URL: http://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

7f97c6a1ea2bf81c7d7985b58a97cacbcde60f9843da73a229d573ba35361223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CAF00E1F2D64202BF6DCA255709E77B Ref B: AMBEDGE0712 Ref C: 2022-08-24T16:23:54Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Wed, 24 Aug 2022 16:23:53 GMT
content-length: 667

GET
H2 200 56546 Show response
stags.bluekai.com/site/ Frame 6DE1 71 B
256 B 387ms
224ms Document
text/html 23.7.201.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/56546?ret=html&phint=__bk_t%3DMarvel.com&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fvenom.com%2Fc&phint=__bk_v%3D3.1.10&limit=1&r=54195879
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-201-234.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

bk-server: 446a
content-length: 71
content-type: text/html
date: Wed, 24 Aug 2022 16:23:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n: S

GET
H2 204 0
bat.bing.com/action/ 0
176 B 38ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56004448&Ver=2&mid=20d34c66-5890-41f6-859e-5d9bb9d2cf22&sid=2586822023c911ed9f3317cab187bcac&vid=2586823023c911eda8c019d2bf66ba61&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Marvel.com&p=http%3A%2F%2Fvenom.com%2Fc&r=&lt=909&evt=pageLoad&sv=1&rn=447717

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1EAFD13C1D5491C8FD9E8DBF269639D Ref B: AMBEDGE0712 Ref C: 2022-08-24T16:23:54Z
date: Wed, 24 Aug 2022 16:23:53 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc Show response
9096304.fls.doubleclick.net/ Frame EB9E
Redirect Chain

https://9096304.fls.doubleclick.net/activityi;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc?
https://9096304.fls.doubleclick.net/activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2F...

391 B
352 B

119ms
68ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9096304.fls.doubleclick.net/activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9096304&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

663ff8eab70b3c94152fa2e11d5cd753526e2367a467416eb5b0b2b55730e9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 16:23:54 GMT
expires: Wed, 24 Aug 2022 16:23:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 16:23:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9096304.fls.doubleclick.net/activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 122ms
41ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=451745415265867&ev=PageView&dl=http%3A%2F%2Fvenom.com%2Fc&rl=&if=false&ts=1661358234388&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661358234387.186797439&it=1661358234286&coo=false&rqm=GET

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945804815/ 2 KB
2 KB 98ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945804815/?random=1661358234448&cv=9&fst=1661358234448&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fvenom.com%2Fc&tiba=Marvel.com&auid=621412479.1661358234&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b102eb93c07def730eca53fb022464998672643e281691954bbaf6d220d4fd85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/925733351/ 2 KB
1 KB 127ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925733351/?random=1661358234452&cv=9&fst=1661358234452&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fvenom.com%2Fc&tiba=Marvel.com&auid=621412479.1661358234&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e99527184bc2978eadc2b26a81ba2880fd3303ae197e83165f65d9f0be5a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/945804815/ 42 B
108 B 100ms
40ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945804815/?random=1661358234448&cv=9&fst=1661356800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fvenom.com%2Fc&tiba=Marvel.com&async=1&fmt=3&is_vtc=1&random=3863391306&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/945804815/ 42 B
548 B 98ms
38ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/945804815/?random=1661358234448&cv=9&fst=1661356800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fvenom.com%2Fc&tiba=Marvel.com&async=1&fmt=3&is_vtc=1&random=3863391306&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/925733351/ 42 B
548 B 69ms
40ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/925733351/?random=1661358234452&cv=9&fst=1661356800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fvenom.com%2Fc&tiba=Marvel.com&async=1&fmt=3&is_vtc=1&random=1086078571&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/925733351/ 42 B
108 B 68ms
39ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/925733351/?random=1661358234452&cv=9&fst=1661356800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fvenom.com%2Fc&tiba=Marvel.com&async=1&fmt=3&is_vtc=1&random=1086078571&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56004448 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 289ms
149ms Script
application/x-javascript 2620:1ec:27::cafe:1389
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56004448
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56004448.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1389 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9de4f673716b252fef4a1795d755e7dc8093ff9f296fb8694bffdb65c08de02a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
x-powered-by: ASP.NET
x-azure-ref: 0mlAGYwAAAAAE5XwpmQnoSaBNDDyrWSQjU1RPRURHRTE4MjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
content-length: 1542
expires: -1

GET
H2 200 dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=*;~oref=http%3A%2F%2Fvenom.com%2Fc
adservice.google.com/ddm/fls/z/ Frame EB9E 42 B
494 B 133ms
62ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=*;~oref=http%3A%2F%2Fvenom.com%2Fc

Requested by

Host: 9096304.fls.doubleclick.net
URL: https://9096304.fls.doubleclick.net/activityi;dc_pre=COOHqNvx3_kCFQXKsgodfwEJ8g;src=9096304;type=marus;cat=marus00;ord=1;num=6603460754093;gtm=2od8m0;auiddc=621412479.1661358234;~oref=http%3A%2F%2Fvenom.com%2Fc?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://9096304.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL...

1 KB
1 KB

89ms
89ms

Script
text/javascript

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&loc=http%3A%2F%2Fvenom.com%2Fc

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3c11357a4cf9c8c8c615445506811623b36143d81f586978c1ae7ec7e5ab677a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 847
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&loc=http%3A%2F%2Fvenom.com%2Fc
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 77ms
38ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=451745415265867&ev=Microdata&dl=http%3A%2F%2Fvenom.com%2Fc&rl=&if=false&ts=1661358234891&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Marvel.com%22%2C%22meta%3Adescription%22%3A%22Marvel.com%20is%20the%20source%20for%20Marvel%20comics%2C%20digital%20comics%2C%20comic%20strips%2C%20and%20more%20featuring%20Iron%20Man%2C%20Spider-Man%2C%20Hulk%2C%20X-Men%20and%20all%20your%20favorite%20superheroes.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Marvel.com%20is%20the%20source%20for%20Marvel%20comics%2C%20digital%20comics%2C%20comic%20strips%2C%20and%20more%20featuring%20Iron%20Man%2C%20Spider-Man%2C%20Hulk%2C%20X-Men%20and%20all%20your%20favorite%20superheroes.%22%2C%22og%3Asite_name%22%3A%22Marvel.com%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&fbp=fb.1.1661358234387.186797439&it=1661358234286&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 3166 5 KB
3 KB 89ms
88ms Document
text/html 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cb92ab1552120973800555a5a9928b9990264e72e958ed2d77e4595700f434a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 24 Aug 2022 16:23:54 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 0992 5 KB
2 KB 123ms
37ms Document
text/html 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=128482163089&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&loc=http%3A%2F%2Fvenom.com%2Fc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dcc98914fe2648542cedb88a1c413bd96e038bf806acbb4f8429e596215abd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 16:23:55 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
344 B 178ms
37ms Image
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=5021393057866936831&stamp=YcDx10pDL6ADvP-67D9Y4w2

Requested by

Host: venom.com
URL: http://venom.com/c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Aug 2022 16:23:55 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.39/ 53 KB
23 KB 141ms
141ms Script
application/javascript 2620:1ec:27::cafe:1389
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56004448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1389 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
content-encoding: br
etag: "1d8b099e3740ca1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0mlAGYwAAAACUuL2M6MXXQJk7LxZxY+PFU1RPRURHRTE4MjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 3166 4 KB
2 KB 79ms
23ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 19:33:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 75035
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: -PhMdCkBOj9pPGrC5ABIpsx3ktSWwhZ5tvS0jdWxoEIBvrSpXY_6hQ==

GET
H2 200 plf
c1.adform.net/imatch/ Frame 0992 0
261 B 36ms
35ms Image
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 0992
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5021393057866936831&Expiration=1662567835
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5021393057866936831&Expiration=1662567835

43 B
423 B

33ms
33ms

Image
image/gif

52.58.39.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5021393057866936831&Expiration=1662567835
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Server: 52.58.39.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-39-37.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Aug 2022 16:23:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=5021393057866936831&Expiration=1662567835
date: Wed, 24 Aug 2022 16:23:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0992 0
360 B 110ms
33ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=5021393057866936831

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 23 Aug 2022 16:23:55 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 0992 0
214 B 111ms
25ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0992
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5021393057866936831&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5021393057866936831&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=d23255f403ca4a749...
https://c1.adform.net/serving/cookie/match?party=9&uid=a88e2d4dcb3ffc472ed6d1ef77490ab210e762d77a96443d81264984c4a5b7a4

35 B
468 B

36ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=a88e2d4dcb3ffc472ed6d1ef77490ab210e762d77a96443d81264984c4a5b7a4

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=a88e2d4dcb3ffc472ed6d1ef77490ab210e762d77a96443d81264984c4a5b7a4
date: Wed, 24 Aug 2022 16:23:55 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0992 43 B
163 B 217ms
18ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5021393057866936831&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:54 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 0992
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5021393057866936831&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=5021393057866936831&_origin=1&verify=true

0
121 B

25ms
25ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5021393057866936831&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=5021393057866936831&_origin=1&verify=true
date: Wed, 24 Aug 2022 16:23:55 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 0992 43 B
715 B 176ms
57ms Image
image/gif 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1661358235133045-354
Expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H3

200

m
cm.mgid.com/ Frame 0992
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=5021393057866936831
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=5021393057866936831
https://cm.mgid.com/m?cdsp=433145&c=4cbb613e-8b48-4f5d-a2b9-1bd060563049&gdpr=&consentData=&uspString=
https://cm.mgid.com/m?c=4cbb613e-8b48-4f5d-a2b9-1bd060563049&cdsp=433145&consentData=&gdpr=&uspString=&sct=1

43 B
389 B

158ms
134ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=4cbb613e-8b48-4f5d-a2b9-1bd060563049&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 73fd6f6bfefdd357-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
location: https://cm.mgid.com/m?c=4cbb613e-8b48-4f5d-a2b9-1bd060563049&cdsp=433145&consentData=&gdpr=&uspString=&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 73fd6f6b1ea2cdcf-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0992
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5021393057866936831&expiration=1662567835
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5021393057866936831&expiration=1662567835&C=1

43 B
943 B

114ms
89ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5021393057866936831&expiration=1662567835&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73fd6f69ec4dd2e1-CDG
pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HJ%2ByxsfRauVtjX94OpUh2XyOsYRBmalBVHdkrfUgLbPBsS1M5racKgOyaowBHmvLMdKnHM2yLhMp4cWGJz9AGHXxtLJbAG38LzBSza3tEIn0lwyWgJVi4U2KlSDlx%2FAR8kZf9RrEmgtLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD8riONsiqQfII%2BK6%2BYFXVcVaCq8IKaHn8Wl2AwGtJBZdwWJHe8fPT%2BZ0JTr8GAigFEKNq9Mo6EKfVKtfXYLg9rGRligoa9BMQ%2FPGCPUMzd%2F4j1jA0r8%2FyoCCP2mubwX8NLdEnJVsjQ2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=5021393057866936831&expiration=1662567835&C=1
cache-control: no-cache
cf-ray: 73fd6f695980d357-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

14876172
se.semasio.net/sync/1/ Frame 0992
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5021393057866936831&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5021393057866936831&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=5021393057866936831&gdpr=&gdpr_consent=&sInitiator=external
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fse.semasio.net%252Fsync%252F1%252F4354957%253FsExtCookieId%253D%2524UID%2526sInitiator%253Dinternal%26gdpr%3D0%26gdpr_consent%3D
https://se.semasio.net/sync/1/4354957?sExtCookieId=56328670669442281&sInitiator=internal&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NzA5QzhFNjQ1OURGQ0E5RA&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBDjrClWkr6ZU9nsvBIVxJ8&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEBDjrClWkr6ZU9nsvBIVxJ8&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=71d66306-509b-4600-af9a-9099b9082404&sInitiator=internal&gdpr=0&gdpr_consent=

0
415 B

36ms
36ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/14876172?sExtCookieId=71d66306-509b-4600-af9a-9099b9082404&sInitiator=internal&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:54 GMT
uip-status: Ok
frontend-id: 05
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Date: Wed, 24 Aug 2022 16:23:55 GMT
Server: MT3 4494 7cf1da7 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://se.semasio.net/sync/1/14876172?sExtCookieId=71d66306-509b-4600-af9a-9099b9082404&sInitiator=internal&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 0992 0
344 B 108ms
22ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5021393057866936831&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 16:23:55 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 0992
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5021393057866936831
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5021393057866936831&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
331 B

342ms
22ms

Image
image/gif

2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-nzt: AcO1qhHSGs7/hlgNAA
x-accel-expires: @1661520406
date: Wed, 24 Aug 2022 16:23:56 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: BrmPVwssE9U
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 874630
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Wed, 24 Aug 2022 16:23:56 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 0992
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=5021393057866936831
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNTAyMTM5MzA1Nzg2NjkzNjgzMRAAGg0Im6GZmAYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEELxDQr9fsbsgtg03IjlVpA&google_cver=1

42 B
60 B

28ms
28ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEELxDQr9fsbsgtg03IjlVpA&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Aug 2022 16:23:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEELxDQr9fsbsgtg03IjlVpA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/ Frame 0992
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/gdpr_consent=

49 B
279 B

28ms
28ms

Image
image/gif

52.30.246.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Server: 52.30.246.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.26.161
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=5021393057866936831/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.45.5.239
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 0992 62 B
227 B 297ms
198ms Image
image/gif 23.7.201.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-201-234.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 0992 43 B
273 B 102ms
24ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 0992
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

152ms
43ms

Image
image/gif

52.218.80.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Server: 52.218.80.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 16:23:56 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: D5AFNW69YHPWWRVN
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 2ObCxU0LmHeaXqROlrhdJD9X3p7c7yJuom4XVjnFo5XivRYcr+HyDfGCD0MNNg92TJrGymNhFMw=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 24 Aug 2022 16:23:54 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0992
Redirect Chain

https://pixel.onaudience.com/?mapped=5021393057866936831&partner=68
https://spl.zeotap.com/?zdid=1332&zcluid=c75ea1afbaa075d1
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f1c88136-2755-4f56-4b0d-e2c9b03f3991&reqId=98a27e03-587a-4a4a-78cf-23fd2e8218ac&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMIufCF_vp7JXanC6gWnXlo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f1c88136-2755-4f56-4b0d-e2c9b03f3991&reqId=98a27e03-587a-4a4a-78cf-23f...

95 B
164 B

40ms
40ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEMIufCF_vp7JXanC6gWnXlo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f1c88136-2755-4f56-4b0d-e2c9b03f3991&reqId=98a27e03-587a-4a4a-78cf-23fd2e8218ac&zcluid=c75ea1afbaa075d1&zdid=1332
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 73fd6f6d2c4f99a4-CDG
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMIufCF_vp7JXanC6gWnXlo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f1c88136-2755-4f56-4b0d-e2c9b03f3991&reqId=98a27e03-587a-4a4a-78cf-23fd2e8218ac&zcluid=c75ea1afbaa075d1&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 0992
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5021393057866936831
https://tags.adsafety.net/v1/cm?cm_uid=CM12022082416a08354abb2da9ec46b7&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=c091b8d24089fe7fe3ba6c4daa4120da
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022082416a08354abb2da9ec46b7&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=c091b8d24089fe7fe3ba6c4daa4120da&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjA4MjQxNmEwODM1NGFiYjJkYTllYzQ2Yjc
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESELYqGBDLFzxfXX7UsSW3NTM&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022082416a08354abb2da9ec46b7
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5021393057866936831

43 B
2 KB

29ms
29ms

Image
image/gif

139.162.159.252
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Server: 139.162.159.252 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1426-252.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
Last-Modified: Wed, 24 Aug 2022 16:23:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5021393057866936831
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 0992 0
339 B 107ms
29ms Image
text/plain 52.31.151.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.151.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-151-225.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1661358235
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 0992
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTAyMTM5MzA1Nzg2NjkzNjgzMQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMOG8IYb_ztj_PkJ98yzpAA&google_cver=1&google_ula=1641347,0

35 B
468 B

36ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMOG8IYb_ztj_PkJ98yzpAA&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMOG8IYb_ztj_PkJ98yzpAA&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 0992
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=56328670669442281&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5021393057866936831

43 B
1004 B

29ms
28ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5021393057866936831

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
X-Proxy-Origin: 37.59.164.105; 37.59.164.105; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 24cb38f0-5efa-44e2-ae64-161ecc60155b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=5021393057866936831
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 0992 0
261 B 39ms
36ms Image
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0992 0
225 B 77ms
18ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 0992 43 B
444 B 130ms
23ms Image
image/gif 52.222.214.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-74.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 02:34:57 GMT
Via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
Age: 49738
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P3
Content-Length: 43
X-Amz-Cf-Id: -ABXp7hVjAu9CaXj7fSsQ7TecQ6SA2SPo3pSxckF3r_-TsHs7g2epw==

GET
H/1.1

200

p
a.audrte.com/ Frame 0992
Redirect Chain

https://a.audrte.com/a?adform_uid=5021393057866936831
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESED_iMia22wyPEk9KShcrDEs&google_cver=1
https://a.audrte.com/p

68 B
617 B

96ms
96ms

Image
image/png

52.23.73.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.1
Server: 52.23.73.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-73-66.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 16:23:56 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 24 Aug 2022 16:23:56 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0992
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5021393057866936831&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5021393057866936831&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=74892122384118107972416562787489154520&noredirect=1

35 B
468 B

41ms
37ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=74892122384118107972416562787489154520&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v038-0972c09bf.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7/7f8zCTQos=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=74892122384118107972416562787489154520&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 0992
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5021393057866936831
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003104253003395258

35 B
468 B

49ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003104253003395258

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: AAWebServer
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003104253003395258
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 0992
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7135479286281468053

35 B
468 B

36ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7135479286281468053

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7135479286281468053
Date: Wed, 24 Aug 2022 16:23:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 0992 62 B
428 B 211ms
210ms Image
image/gif 23.7.201.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-201-234.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0992
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=71d66306-509b-4600-af9a-9099b9082404

35 B
468 B

36ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=71d66306-509b-4600-af9a-9099b9082404

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 24 Aug 2022 16:23:55 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=71d66306-509b-4600-af9a-9099b9082404
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 24 Aug 2022 16:23:54 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0992
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=99qDULBP1OqTaA5

35 B
468 B

37ms
37ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=99qDULBP1OqTaA5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-027eb96c098a0be3e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=99qDULBP1OqTaA5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0992 70 B
265 B 559ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 0992 0
72 B 685ms
95ms Image
text/plain 69.169.86.38
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.86.38 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 0992 43 B
1 KB 2160ms
1707ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=5021393057866936831

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:57 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 0992
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2753834832
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nJHjtPVpb/ZRBYlymTW4MO

35 B
468 B

36ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nJHjtPVpb/ZRBYlymTW4MO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
via: 1.1 google
last-modified: Wed, 24 Aug 2022 16:23:56 GMT
server: Weborama Collect Frontend
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=nJHjtPVpb/ZRBYlymTW4MO
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 0992 23 B
172 B 488ms
77ms Image
image/gif 23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 24 Aug 2022 16:23:56 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 0992
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5021393057866936831
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5021393057866936831&cs=1

35 B
376 B

27ms
26ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5021393057866936831&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Server: 136.243.148.229 Tamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5021393057866936831&cs=1
date: Wed, 24 Aug 2022 16:23:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 0992 0
240 B 361ms
23ms Image
text/plain 2600:9000:223f:9000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: TsTJo_jzEJ2H6tZSjk9ngjcNjgnxZ87zkksZId0SQXn6cwm58aMdbw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 0992
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5021393057866936831&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5021393057866936831&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=f6349bd0-bc3a-486b-9be8-bcd257fb5942

35 B
468 B

36ms
36ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=f6349bd0-bc3a-486b-9be8-bcd257fb5942

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=f6349bd0-bc3a-486b-9be8-bcd257fb5942
date: Wed, 24 Aug 2022 16:23:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 5021393057866936831
match.contentexchange.me/adform/ Frame 0992 0
49 B 145ms
48ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5021393057866936831?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 0992 37 B
140 B 81ms
28ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=5021393057866936831&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 0992 0
55 B 128ms
24ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=5021393057866936831
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
content-length: 0
content-type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame 0992 0
261 B 37ms
36ms Image
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5021393057866936831&agencyId=2364&advertiserId=2057003&src=tp&rnd=440284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 3166 22 KB
8 KB 97ms
38ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7905
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-id: X6BsDw133WnMKzH7KSgxwetEXT9VDBn6fhb05UD8BwK26_v4ARoV_A==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 1EEF
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-harg...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-harg...

1008 B
2 KB

127ms
127ms

Document
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730&dcc=t

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5f5bf95851741a5ab2d210b5c8f5b2ec5964c561151ca471100508cd228f30ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1008
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 24 Aug 2022 16:23:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4H0K5MY4YFF442G3HGGD

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 24 Aug 2022 16:23:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZXFGCV8WK956DX4Y9Y76

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 3166 56 KB
15 KB 441ms
22ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:42:23 GMT
etag: "58faa0bb9a63121ea57a3106609bc291+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15291
x-served-by: cache-iad-kiad7000128-IAD, cache-hhn11550-HHN

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 3166 140 KB
40 KB 375ms
126ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA5RTV3C77U3BC95G1A0&lib=ttq
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ&rnd=1417122812&cpref=&loc=http%3a%2f%2fvenom.com%2fc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1051bda167cd024237ad896012b9dfe69d1cc39e774a515f733127bf263d2077

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022082416235564228FF03A6742052B0A
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,23.36.161.204
x-tt-trace-host: 013bf77a42b4b26032d297ce5546fdc13a3aef9aa81eccea1bd866e5307082220eab0937ce2581e50f2634e3a590ba486c14a15065e49444ebef56ccd7c645a0d4964ea47a63b062e80beacc2ddaa6deed
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
x-akamai-request-id: 13dfc041
expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H2 200 init Show response
tr.snapchat.com/ Frame 3166 126 B
477 B 168ms
21ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=a677d388-f7e6-4d61-962a-62aed58aa812

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0af910f97a4d57695329e707e2e27fc8870324c8cf4a2bef75925d7c34a418c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://a2.adform.net
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ Frame 3166 79 B
163 B 169ms
22ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=a677d388-f7e6-4d61-962a-62aed58aa812&tld=net

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e20ff86a2187601640feadcfe9e738199ea70221b9a4bb97093c1653c7dcf5f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://a2.adform.net
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 61B3 0
48 B 161ms
27ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a677d388-f7e6-4d61-962a-62aed58aa812&u_scsid=0ac9195b-fcc0-4554-a344-b076fe83c9b1&u_sclid=7a261566-2365-4b2a-b91f-4985f712dbc0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 24 Aug 2022 16:23:55 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 204 collect Show response
h.clarity.ms/ 0
171 B 392ms
98ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://venom.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: http://venom.com
date: Wed, 24 Aug 2022 16:23:55 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ Frame 3166 22 KB
8 KB 68ms
25ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Referer: https://a2.adform.net/
Origin: https://a2.adform.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 05:47:42 GMT
content-encoding: gzip
age: 38174
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: VNveYewbo0sVhKskBOtJ2JadTenBbC0DoBhCinBXiitzkInfKsn17w==

POST
H2 200 p Show response
tr.snapchat.com/ Frame 18F3 68 B
560 B 66ms
26ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://a2.adform.net
Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: https://a2.adform.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Wed, 24 Aug 2022 16:23:55 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 3166 114 KB
31 KB 163ms
163ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA5RTV3C77U3BC95G1A0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-akamai-request-id: 3a7416ae.13dfc2ca
date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 136,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=125, origin; dur=11, inner; dur=3
content-length: 30891
pragma: no-cache
server: nginx
x-tt-logid: 202208241623552A8F18F6E5E940EF9521
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.104.19
x-tt-trace-host: 013bf77a42b4b26032d297ce5546fdc13a5417d28263a2e423f38188536408b61e79d901c12e38206cd266f42dbab4614db9afd60a795989ae45d904e33838bdd5b12aa88a0e276f633819ad275a1e4a2740dac44b953c38d6f277c5a0643abc6f
expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 3166 869 B
932 B 150ms
150ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CA5RTV3C77U3BC95G1A0&hostname=a2.adform.net
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA5RTV3C77U3BC95G1A0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d06dee68c8191d49ee2ec3bfa11c174993cf853a684ebba59bb8d2f0583f8f4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-akamai-request-id: 13dfc3c2
date: Wed, 24 Aug 2022 16:23:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length: 350
pragma: no-cache
server: nginx
x-tt-logid: 202208241623551E084FC831040E228A77
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.204
x-tt-trace-host: 013bf77a42b4b26032d297ce5546fdc13a3aef9aa81eccea1bd866e5307082220e50a9684ed3afb952010c2766e27f9b842387b1e834389708636be8e5cf86ad2165065cc41f7ed10ee5e9e42e19914bfa
expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H2 200 adsct
t.co/i/ Frame 3166 43 B
211 B 874ms
186ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=4289e9d5-f3be-40fd-bd47-4b2791cca78a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=bd194acf-313f-47a8-9546-329cf23a749f&tw_document_href=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D63549989%26ctype%3D0%26media%3D0%26PageName%3DUniversal%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ%26rnd%3D1417122812%26cpref%3D%26loc%3Dhttp%253a%252f%252fvenom.com%252fc&tw_document_referrer=http%3A%2F%2Fvenom.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kpx&type=javascript&version=2.3.26

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 163
date: Wed, 24 Aug 2022 16:23:55 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: fbcfec3e3085a2814cd45678a670240a5bcccd3506a7de540a77e37290c6d558
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 3166 43 B
223 B 229ms
177ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4289e9d5-f3be-40fd-bd47-4b2791cca78a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=bd194acf-313f-47a8-9546-329cf23a749f&tw_document_href=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D63549989%26ctype%3D0%26media%3D0%26PageName%3DUniversal%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ%26rnd%3D1417122812%26cpref%3D%26loc%3Dhttp%253a%252f%252fvenom.com%252fc&tw_document_referrer=http%3A%2F%2Fvenom.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kpx&type=javascript&version=2.3.26

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 153
date: Wed, 24 Aug 2022 16:23:55 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 368cb64d0ef7c4e2cba31f78e800a2371da3c9b933660ed61ff51e2db2d12ef7
content-length: 43

GET
H2 200 adsct
t.co/i/ Frame 3166 43 B
337 B 871ms
184ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a1101eeb-dbfb-4406-8f85-4d425d30f1c5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=bd194acf-313f-47a8-9546-329cf23a749f&tw_document_href=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D63549989%26ctype%3D0%26media%3D0%26PageName%3DUniversal%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ%26rnd%3D1417122812%26cpref%3D%26loc%3Dhttp%253a%252f%252fvenom.com%252fc&tw_document_referrer=http%3A%2F%2Fvenom.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kqg&type=javascript&version=2.3.26

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 161
date: Wed, 24 Aug 2022 16:23:56 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: fbcfec3e3085a2814cd45678a670240a5bcccd3506a7de540a77e37290c6d558
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 3166 43 B
355 B 226ms
174ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a1101eeb-dbfb-4406-8f85-4d425d30f1c5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=bd194acf-313f-47a8-9546-329cf23a749f&tw_document_href=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D63549989%26ctype%3D0%26media%3D0%26PageName%3DUniversal%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjEiOiJodHRwOi8vdmVub20uY29tL2MifQ%26rnd%3D1417122812%26cpref%3D%26loc%3Dhttp%253a%252f%252fvenom.com%252fc&tw_document_referrer=http%3A%2F%2Fvenom.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kqg&type=javascript&version=2.3.26

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 151
date: Wed, 24 Aug 2022 16:23:54 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 368cb64d0ef7c4e2cba31f78e800a2371da3c9b933660ed61ff51e2db2d12ef7
content-length: 43

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 4422 6 KB
6 KB 110ms
109ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

3f56af20b4e1e5bbf21ad0ef040a4af61c6f2909dda117793e26f629306cb559

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=164810448670825730&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 5831
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 24 Aug 2022 16:23:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: ST6A0KCKBB1QZ0SSF2EF

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 3166 0
690 B 131ms
130ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA5RTV3C77U3BC95G1A0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5a509ee9.13dfc5e8
date: Wed, 24 Aug 2022 16:23:55 GMT
x-cache-remote: TCP_MISS from a23-220-105-9.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 106,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=19, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220824162355B83EE4F2B785BD160E65
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.105.9
x-tt-trace-host: 013bf77a42b4b26032d297ce5546fdc13a5417d28263a2e423f38188536408b61e7e53f1e599d75548213979b832663b3d1f782e81c2b439f92cfaa1ebc0b2f7d6a766d36926c2087019016a8227b9ebff05db287891f73137fe60330c1b9e3b5e
expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=Co4et0XGTu6Acx2ftRx6eg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Co4et0XGTu6Acx2ftRx6eg

43 B
556 B

112ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Co4et0XGTu6Acx2ftRx6eg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QTVTA1T6DHXGBH64VAD2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
X-Proxy-Origin: 37.59.164.105; 37.59.164.105; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 587ee04d-b417-4a45-a1a2-ce378d4e1a34
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Co4et0XGTu6Acx2ftRx6eg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=217003104253003395258&ex=neustar.biz

43 B
556 B

221ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=217003104253003395258&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TGKB1E3HNX411FWYW43W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: AAWebServer
location: https://s.amazon-adsystem.com/ecm3?id=217003104253003395258&ex=neustar.biz
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=JBXAmvekQT-dm-7Oyhpuhg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwZQmyI-D6Op7LBUJJhaAQAA

43 B
556 B

377ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwZQmyI-D6Op7LBUJJhaAQAA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GHZS031VABM0ZRGTSS1Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBVuYADATmW8mpYVk%2BmMY3YnePLxKZTeR4G8Cn7x0NOPvSqJMhjSUeWwWbGGzRrcUVcoTSAf9lF8y799KTPdaSTzanTic0plSTLb%2Bf3LZHsEnX7%2F26PBLkCuBLLGe5dMPUpsOZdFhsR81A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwZQmyI-D6Op7LBUJJhaAQAA
cache-control: no-cache
cf-ray: 73fd6f6dcb07d2e1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=fb3351de57e797ad9457faae5e84e3b9

43 B
556 B

304ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=fb3351de57e797ad9457faae5e84e3b9

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MV0VEPK3VJBM38746KK7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=fb3351de57e797ad9457faae5e84e3b9
Date: Wed, 24 Aug 2022 16:23:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

242ms
110ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9NPE3HXD2QE2FDTD4DJW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Wed, 24 Aug 2022 16:23:55 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=7GwIfD6TR46FkObkjkpfLw
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7GwIfD6TR46FkObkjkpfLw

43 B
556 B

303ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7GwIfD6TR46FkObkjkpfLw

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PJZJYWKGJK2HR1N3WAST
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=7GwIfD6TR46FkObkjkpfLw
date: Wed, 24 Aug 2022 16:23:55 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4ed30039-96c3-42bd-9c33-fd4f9141263e

43 B
556 B

108ms
108ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4ed30039-96c3-42bd-9c33-fd4f9141263e

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G9ZX3BYHG3S55TM0NMCB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Wed, 24 Aug 2022 16:23:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4ed30039-96c3-42bd-9c33-fd4f9141263e

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 4422 43 B
183 B 556ms
99ms Image
image/gif 2600:1f18:612b:4216:bf1f:4380:1bf2:c0ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:bf1f:4380:1bf2:c0ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 4422 0
123 B 485ms
33ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=f1c88136-2755-4f56-4b0d-e2c9b03f3991

43 B
556 B

315ms
112ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=f1c88136-2755-4f56-4b0d-e2c9b03f3991

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EW5NYE2KYDZQT6N2J9S7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 16:23:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=f1c88136-2755-4f56-4b0d-e2c9b03f3991
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 73fd6f6dcd4599a4-CDG
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=9ded9bed981af8b7bd3a8b3e82d323ac&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

385ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=9ded9bed981af8b7bd3a8b3e82d323ac&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8111GXTYPWV04M6ZPDTY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=9ded9bed981af8b7bd3a8b3e82d323ac&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1661358235720089-412
Expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

115ms
114ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3E6226BKBE35K8W24YBZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 16:23:56 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=QD08C5YDXZAGRR7JFVQF:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: QD08C5YDXZAGRR7JFVQF
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
permissions-policy: interest-cohort=()
x-robots-tag: noindex, nofollow
x-amz-cf-id: VrpQi1Ha8kXIRZzFnWMaT4Hfljt8mcACuz_AhtRPiWIMaZha8uQgoA==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 4422 0
338 B 36ms
29ms Image
text/plain 52.31.151.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=L3rlJS_6SjWyhCzPD6voXA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.151.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-151-225.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1661358235
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 4422 0
263 B 651ms
100ms Image
text/plain 54.225.217.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.217.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-217-42.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 4422 0
122 B 343ms
19ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=QVvwv2pFQ_eBpX65UCsl8g&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-n2dvz
date: Wed, 24 Aug 2022 16:23:56 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe16457bac348229

43 B
556 B

109ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe16457bac348229

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YRC0774Y4NCEQVM0RZM4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 24 Aug 2022 16:23:56 GMT
x-content-type-options: nosniff
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe16457bac348229
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Authorization
content-length: 93

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=299HHGUxSZW7XbvbYLsWEw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=299HHGUxSZW7XbvbYLsWEw

43 B
556 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=299HHGUxSZW7XbvbYLsWEw

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X3ECZM0RBAGMTH32AFPP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=299HHGUxSZW7XbvbYLsWEw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=ww7upzZ9Qdun3pmVd2oUoQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=74892122384118107972416562787489154520

43 B
556 B

112ms
112ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=74892122384118107972416562787489154520

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MP9Q1NCAG5QXNCKRX371
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v038-0c296aa05.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3d+Qv7LBSFw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=74892122384118107972416562787489154520
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=Pi93lQPFSUaevcKhYStPow
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10820390686303665369&gdpr=&gdpr_consent=

43 B
556 B

109ms
108ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10820390686303665369&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SD646K7ZE3ZJF7F537YG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10820390686303665369&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 4422 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5021393057866936831

43 B
556 B

395ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5021393057866936831

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZTR6ZQVHW5YBGV15DTA7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5021393057866936831
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=26bcf53b-23c9-11ed-9e51-199d37980206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=26bcf4fb-23c9-11ed-9e51-199d37980206

43 B
556 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=26bcf4fb-23c9-11ed-9e51-199d37980206

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VH8C7TRKVZJNFWT0C0ZK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 24 Aug 2022 16:23:56 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=26bcf4fb-23c9-11ed-9e51-199d37980206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f1b056e5-99b4-4864-8c57-69ce3ec6f905%22,%22Time%22:%2220220824T162356.380363%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f1b056e5-99b4-4864-8c57-69ce3ec6f905

43 B
556 B

109ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f1b056e5-99b4-4864-8c57-69ce3ec6f905

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BWJ2FYQS81PMK12R21XH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f1b056e5-99b4-4864-8c57-69ce3ec6f905
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEN34sIw7b7EhUeuIhhMlRfw&google_cver=1

43 B
556 B

326ms
116ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEN34sIw7b7EhUeuIhhMlRfw&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XQT76CYV49JPF10RTQQ0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEN34sIw7b7EhUeuIhhMlRfw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 4422 20 B
20 B 366ms
96ms Image
text/plain 54.164.129.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.129.77 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-129-77.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
x-age: 0
content-length: 20
content-type: text/plain; charset=utf-8
x-served-by: usermatch-a020-ash-prod.krxd.net
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=992f3eabc2e5b946ab29781964232417

43 B
556 B

311ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=992f3eabc2e5b946ab29781964232417

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZMYJ2XVFPBMZZZDN1Z8W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=992f3eabc2e5b946ab29781964232417
date: Wed, 24 Aug 2022 16:23:55 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: u0bIWDAvdDgyXoaInV3WuZC65D47ONswtUkg1esazA_c7FI3XUQoVA==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4422 43 B
145 B 32ms
26ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KlRnq3ILRdvZvvNgXf00NDc4ZHk4ZgIC

43 B
556 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KlRnq3ILRdvZvvNgXf00NDc4ZHk4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GNV75DGYXW0W37NHHY9M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZbNfavKcw16uRPeG9UhuR6bX%2B7%2B4UnfY1BE8siqPOg%2Bivg5GtCitz8T2cYVQoXS3%2B4ddwAIwL4WQrxF5b%2FMzBBZQOpt9%2BdQUPwhuj5rQnxMYHOmN7j4GCxjREsMhzQeXit%2BLaaA1VsCog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KlRnq3ILRdvZvvNgXf00NDc4ZHk4ZgIC
cache-control: no-cache
cf-ray: 73fd6f71e9e5d51a-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=709C8E6459DFCA9D

43 B
556 B

110ms
110ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=709C8E6459DFCA9D

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3Q2TZE2CAQ02E0HNPPK9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
frontend-id: 7
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=709C8E6459DFCA9D
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=56328670669442281&ex=appnexus.com

43 B
556 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=56328670669442281&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3Z97YBK8KA4QYB4SQPEY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
X-Proxy-Origin: 37.59.164.105; 37.59.164.105; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0abe4819-743f-4fa9-bea5-73361e574cc5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=56328670669442281&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 4422 0
74 B 31ms
18ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=7M7pKMxhSvKX3cUqzyTVKw&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=oKipUDcfrKv8H-HEsY0OHA&ex=rubiconproject.com&status=ok

43 B
556 B

112ms
112ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=oKipUDcfrKv8H-HEsY0OHA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8DPNRF8467JV86095XRM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=oKipUDcfrKv8H-HEsY0OHA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=57phGvccTV-MzWWFEwWPnA&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

318ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VXWG5Y01D8XC1EXM0ARM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 4422 0
620 B 499ms
29ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D9C5006636274138F02842F63

43 B
556 B

111ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D9C5006636274138F02842F63

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: C5RGGFXZ7969F398E8NM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 24 Aug 2022 16:23:56 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D9C5006636274138F02842F63
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Wed, 24 Aug 2022 16:23:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=430eba9697f583bd5759093107ff5a89427fc3ad4d075e8cc409c3f93893018e

43 B
556 B

111ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=430eba9697f583bd5759093107ff5a89427fc3ad4d075e8cc409c3f93893018e

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q2BMXZEQVYGM9CRKSGX4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:56 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=430eba9697f583bd5759093107ff5a89427fc3ad4d075e8cc409c3f93893018e
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4422 0
166 B 68ms
20ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=L3rlJS_6SjWyhCzPD6voXA&dmt=3&ex-pl-n-g-hmt=57phGvccTV-MzWWFEwWPnA&ep=mfS4I4Lxm4iN8M-0MyueFW4dQAsUGf84AwV32uclPzj4gugl9UqC11hthnnkrWqFcNoN749aEoBdqEn8OG-R5I0bzgCbOAHL1x5gOSRA0IbT6jdnjcDgaIumhl1kb-EWhMo5oIX8rL3G5vWqkWuC6s5lEqqUJr0o-rEw8HmwPn2riDf8udC8dXHulxQpYKofTb55GunG67SnZ4GKgRqOcp3lApdHdwej1d8oz9c4FYlAi6a9_QjnVcPHuC50gGmjbrizqIrA4xNIQvJZdBnlg7zSn-XrFgGC5ka4-u6SMiwsMuJCF2S7iI3slG9KvkhQdhWP43SvFepAe_ai7AuCzPsoaMfZvM3Mlupa3wn_bWjqvbQVBYyNPK5ePNyYBch_m1eQdFKuwy1IlL084of4WDf_CrgLLC9aDq2KMIURd0SdfntQf3BFh9PClhe0SmVF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:23:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4422
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=f9947e75-ee06-4764-882f-286df0aba9bd-tuct9ffd61c

43 B
556 B

111ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=f9947e75-ee06-4764-882f-286df0aba9bd-tuct9ffd61c

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Aug 2022 16:23:56 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NHN7HNKQ0NPR2CTR6VW0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=f9947e75-ee06-4764-882f-286df0aba9bd-tuct9ffd61c
date: Wed, 24 Aug 2022 16:23:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19047

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0538 0
181 B 63ms
36ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=jp8nt4i&ref=http%3A%2F%2Fvenom.com%2F&upid=vww3fws&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 24 Aug 2022 16:23:57 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=7273FF36EE564171AED6D61B5CDD9860&RedC=c.clarity.ms&MXFR=022EF28D08736E6D0C5FE0870C7360DF
https://c.clarity.ms/c.gif?CtsSyncId=7273FF36EE564171AED6D61B5CDD9860&MUID=2D0CE87F7446632D0A68FA7575B362A5

42 B
391 B

30ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=7273FF36EE564171AED6D61B5CDD9860&MUID=2D0CE87F7446632D0A68FA7575B362A5
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:58 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 24 Aug 2022 16:23:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8BFC2CC46FF349B4B8B00D182A10B656 Ref B: AMBEDGE0712 Ref C: 2022-08-24T16:23:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=7273FF36EE564171AED6D61B5CDD9860&MUID=2D0CE87F7446632D0A68FA7575B362A5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:30:44	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.venom.com/	1969-12-31 23:59:59	Name: check Value: true
.bing.com/	1970-01-20 14:50:54	Name: MUID Value: 2D0CE87F7446632D0A68FA7575B362A5
.venom.com/	1970-01-20 07:38:54	Name: _gcl_au Value: 1.1.621412479.1661358234
.scorecardresearch.com/	1970-01-20 14:50:54	Name: UID Value: 1E0932b01002cec6bfb8f131661358234
.venom.com/	1970-01-20 15:05:18	Name: mbox Value: session#4f3d9c84b3e547f982df0f1ced22a4f4#1661360095\|PC#4f3d9c84b3e547f982df0f1ced22a4f4.37_0#1724603035
.venom.com/	1970-01-20 05:29:20	Name: mboxEdgeCluster Value: 37
.venom.com/	1970-01-20 05:30:44	Name: _uetsid Value: 2586822023c911ed9f3317cab187bcac
.venom.com/	1970-01-20 14:50:54	Name: _uetvid Value: 2586823023c911eda8c019d2bf66ba61
.venom.com/	1970-01-20 07:38:54	Name: _fbp Value: fb.1.1661358234387.186797439
.facebook.com/	1970-01-20 07:38:54	Name: fr Value: 0lY44cgFGo8IpVPZI..BjBlCa...1.0.BjBlCa.
.doubleclick.net/	1970-01-20 14:50:54	Name: IDE Value: AHWqTUmKZqpOqQGeakNCE-OsRSTvM_UyGmDPy0ZlGmLzIbNWtgJnoMoLqGY8xA9rD-Y
.adform.net/	1970-01-20 06:13:56	Name: C Value: 1
.adform.net/	1970-01-20 06:55:42	Name: uid Value: 5021393057866936831
.adform.net/	1970-01-20 05:30:44	Name: CM Value: 1\|1
www.clarity.ms/	1970-01-20 14:14:54	Name: CLID Value: 62b095c41a3544a1a782869e264abb89.20220824.20230824
.adform.net/	1970-01-20 05:49:27	Name: CM14 Value: 1661444635_1661358235_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.seadform.net/	1970-01-20 06:55:42	Name: uid Value: 5021393057866936831
.venom.com/	1970-01-20 14:14:54	Name: _clck Value: 1j0lpte\|1\|f4a\|0
.adscale.de/	1970-01-20 14:11:34	Name: uu Value: d23255f403ca4a749d1472a2d68f9647
.adscale.de/	1970-01-20 14:11:34	Name: cct Value: 1661358235100
.ih.adscale.de/	1970-01-20 14:11:34	Name: tu Value: 4#277017955#42~5021393057866936831~461488~0~0
.casalemedia.com/	1970-01-20 14:14:54	Name: CMID Value: YwZQmyI-D6Op7LBUJJhaAQAA
.casalemedia.com/	1970-01-20 07:38:54	Name: CMPS Value: 5150
.casalemedia.com/	1970-01-20 07:38:54	Name: CMPRO Value: 5150
.yahoo.com/	1970-01-20 14:15:15	Name: A3 Value: d=AQABBJtQBmMCEC4BOSGQmdwgAVS6Xq_l-bIFEgEBAQGiB2MQYwAAAAAA_eMAAA&S=AQAAAoz0DM_HqfMVBV4e8eEhEQ8
.semasio.net/	1970-01-20 14:14:54	Name: SEUNCY Value: 709C8E6459DFCA9D
.360yield.com/	1970-01-20 07:38:54	Name: tuuid Value: 7d15c22a-0ec3-4aa7-a120-e5e154cae658
.360yield.com/	1970-01-20 07:38:54	Name: tuuid_lu Value: 1661358235
ads.stickyadstv.com/	1970-01-20 06:55:42	Name: uid-bp-617 Value: 5021393057866936831
ads.stickyadstv.com/	1970-01-20 06:12:30	Name: UID Value: 9ded9bed981af8b7bd3a8b3e82d323ac
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 6932612789e0cc71ab6abc94a2d52087
.360yield.com/	1970-01-20 07:38:54	Name: um Value: !42,j14o4u6CrHv2aVMwTWbk2eK4TrUJ1TO7UbgHNu8rYV1K,1662567835
.360yield.com/	1970-01-20 07:38:54	Name: umeh Value: !42,0,1723566235,-1
.rlcdn.com/	1970-01-20 14:14:54	Name: rlas3 Value: TsaPRjcasqJICj5Q2MrnkIzxCjDuXKxqDSKV6BAe9yQ=
.eyeota.net/	1970-01-20 05:29:18	Name: SERVERID Value: 19563~DM
.bidswitch.net/	1970-01-20 14:14:54	Name: tuuid Value: 4cbb613e-8b48-4f5d-a2b9-1bd060563049
.bidswitch.net/	1970-01-20 14:14:54	Name: c Value: 1661358235
.bidswitch.net/	1970-01-20 14:14:54	Name: tuuid_lu Value: 1661358235
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.rlcdn.com/	1970-01-20 06:55:42	Name: pxrc Value: CJuhmZgGEgUI6AcQABIGCLrqARAA
.snapchat.com/	1970-01-20 14:50:54	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIOPl0HESdguFtvQbDoKSMQ4pIyhCmWvPKwX5Z2Q13iM0h1vwB0glZNjIAAAA=
cm.adsafety.net/	1970-01-20 14:14:54	Name: UID Value: CM12022082416a08354abb2da9ec46b7
.adsafety.net/	1970-01-20 14:14:54	Name: cm_uid Value: CM12022082416a08354abb2da9ec46b7
.krxd.net/	1970-01-20 09:48:30	Name: _kuid_ Value: PCZyROF4
tags.adsafety.net/	1970-01-20 14:14:54	Name: UID Value: c091b8d24089fe7fe3ba6c4daa4120da
tags.adsafety.net/	1970-01-20 14:14:54	Name: DID Value: c091b8d24089fe7fe3ba6c4daa4120da
tags.adsafety.net/	1970-01-20 14:14:54	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 14:14:54	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 06:12:30	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 14:14:54	Name: ct_uid Value: c091b8d24089fe7fe3ba6c4daa4120da
.adsafety.net/	1970-01-20 14:14:54	Name: ct_did Value: c091b8d24089fe7fe3ba6c4daa4120da
.adsafety.net/	1970-01-20 14:14:54	Name: ct_idt Value: 100
.mgid.com/	1970-01-20 15:05:18	Name: muidn Value: m7oTFD7gvtn9
.mgid.com/	1970-01-20 05:29:20	Name: __cf_bm Value: vxU82PRjIlGVFEO7Gf2Mf3m1ROxbWYx2ZMuOfDJxUN0-1661358235-0-AVcrcDb0O/duTD7Q45tIeZEEsTahnykCVjCts9+KA6eeV/++wHoVHANx3Uh2SNEmLIeCIKZISA3/YrHOVoz9LNs=
cm.adsafety.net/	1970-01-20 14:14:54	Name: permanent Value: 1
.adnxs.com/	1970-01-20 07:38:54	Name: uuid2 Value: 56328670669442281
.onaudience.com/	1970-01-20 14:14:54	Name: cookie Value: c75ea1afbaa075d1
.onaudience.com/	1970-01-20 05:30:44	Name: done_redirects219 Value: 1
.venom.com/	1970-01-20 05:30:44	Name: _clsk Value: 90zc37\|1661358235588\|1\|1\|h.clarity.ms/collect
ads.smartstream.tv/	1970-01-20 14:14:54	Name: DID Value: c091b8d24089fe7fe3ba6c4daa4120da
ads.smartstream.tv/	1970-01-20 14:14:54	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 14:14:54	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 06:12:30	Name: cm_uid Value: CM12022082416a08354abb2da9ec46b7
cm.mgid.com/	1970-01-20 06:12:30	Name: mg_sync Value: {"433145":1661358235}
.amazon-adsystem.com/	1970-01-20 10:46:06	Name: ad-id Value: A3htetQeTEtcnUzLemhs6bo
.amazon-adsystem.com/	1970-01-20 15:05:18	Name: ad-privacy Value: 0
.agkn.com/	1970-01-20 14:14:54	Name: ab Value: 0001%3AXy9ktf%2BnJtTHoVmMbV6fG1bR0BuNbsuu
.zeotap.com/	1970-01-20 14:14:54	Name: zc Value: f1c88136-2755-4f56-4b0d-e2c9b03f3991
.zeotap.com/	1970-01-20 05:30:44	Name: zsc Value: %A4%B1%23%2A%1A%8B%BD%0A%F7%80%FC%DF%E4%C6%F48+%BCJT%15%21i%DF-%AF%94%EA%FC%0E%C33%18%7F%7B%CA%7Dt0c%D9%10F%60%3E%96%1B%A3y%A4%F8n%85ao%14%FB~%21Z%F5%C3o%88o92%92%A8%AB2~F%2A%EE%998%15%E0%C0%FDF%23
.adfarm1.adition.com/	1970-01-20 07:38:54	Name: UserID1 Value: 7135479286281468053
.demdex.net/	1970-01-20 09:48:30	Name: demdex Value: 74892122384118107972416562787489154520
.mathtag.com/	1970-01-20 14:55:13	Name: uuid Value: 71d66306-509b-4600-af9a-9099b9082404
.twitter.com/	1970-01-20 15:05:18	Name: personalization_id Value: "v1_UHj5rFiCrVjy6SCrt7edhw=="
cm.adsafety.net/	1970-01-20 14:14:54	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaM0Rka2JMcU9VUG5mVDd4MVFteGlqTkFWV2lsUXFUa2ppc2Q5eVpzdTR5Y2h4WVFMRWJGNGx5eUYzYVk3a21GS1IzRmpnM2Z0VEltVVVqYVFBQWt6TktLdUJycWh3b3lCVHVDN1VqOWEyYmRZc1RWd3dQVVpIUU1SSXFBZTZYTHRzY0I3VTVtWFU1TDMzMDArOEJFM0R0a015ekdlbDhOM2FwdzIwQ09NYm1wTE5OaGl0OGYyakEwMCtXMnJCeVVSaFpaT1o4a0E4aEZqbGZQVmxzWUYyeFY3am9oTGRNMDhwL3U3VmRwSzlSb05BZUFReUx6dnJ4MFhRN3ZPZkdqTUMwc0FsbW5OSzFBU2cvV0MrcSsxMVhubTFyWGlRaEx1bUFCcXp6ZWxxcTduSlhPcVRKOGpFZ1h5MC93bGp6ZEZ6TW9aQU91MVNaRS91L3ZicGRQaWNXUVYwemw4T0VQNUZteTVmanJsd29KR3FDaWUwOVVSRVFxSjBaK0t6ajdmYjd0MEg1c3ZiaFgrTDdkRnpXUm1Kek1Tc05JWExFOUo2OWFGY2c0WGh6RTFwUXE0M3R1ZnhhVUJzaklRVWRkcTBIMjdkYytFTGpCTVFsVXFtYUllUmlIK3NsSzZHQ2d2WTlSdy9QUSs0d2NuNlpNRkRLTmYza2UyOXBzOHdmUHhQbGo5c3F1WllDWHplR2N5eWFWdjlFRDlia0xCcUxSMXZYSDFNUXBCbkV1RmtnWG5nZmoyc3VobjZXUDJVVWhMVWdQOXZFbEZJWFlwK0VUQkJBaTFubXRneXgvRDNXUUVYTml6K0JtTEx5V2h0ckpoQmdUT2tKcW9tQWlFRWVMZnVEOUMyanl2UmF4THBuMFBwNGZIUHNlMFFyQVJNK0pYSGxOT2ZyblA3UVF1cTY5SkpEMU5uNGxVY09xNStQR3ZlVThocGJTTHNuL0Rqb2dZbGRIQnZSaWZBZlJmZUVScTdPQXpNNXhRWHk0MC9kaUtNdmZveHZVZHBtWmQyNnJYMFhiY3Z2STUxSUc1dWxjWmprYzFHak1tSmZYT0M3YmNjOTNpQWw5NzNtSFlrSFpycHhSQVh5czFWbHNCRDluUEE9PQ%3D%3D
.dpm.demdex.net/	1970-01-20 09:48:30	Name: dpm Value: 74892122384118107972416562787489154520
.adnxs.com/	1970-01-20 07:38:54	Name: anj Value: dTM7k!M40]Erk#WF']wIg2GVTi('::!]tbPl1M66+q([OUf!LCSjO'Z_'<rgOujD-_)l@RXyu$O4Q@ue3Rg?uw-^`hn#G.Z5gBWYPn@pV535Lt3Q6n'[aD*CPJIYAPlZ[C[-kX-jcgd#
.analytics.yahoo.com/	1970-01-20 14:14:54	Name: IDSYNC Value: "1760~26rs:195g~26rs"
ads.stickyadstv.com/	1970-01-20 05:49:27	Name: uid-bp-30833 Value: 1
.audrte.com/	1970-01-20 05:50:54	Name: arcki2_adform Value: 5021393057866936831!20210804!1661358235885
.audrte.com/	1970-01-20 05:39:23	Name: arcki2_TTT Value: 1661358235886!d82DVDujGSUQuuzN6fQgSch3A!H4sIAAAAAAAAAD2WObJ2Jw6GF0NMFSABUthBB66uduDyBhDD/pfg53yBk388F8Q7att4MZrmte/JIq/lJbGzq8h6bam0lsq4Tc7a+bTrWV6s7K2uHC77dDnt1UhzmFZ7O9u9mmXPxyFr5fX6uz69rbZSjdJe152brsh668l+X8l6xpO6X4/nyfZb0qznKwymMkZeV2oe5u/uGvXOktr290oZed7oWXq9edWwHHX5iF7e3pZWqNdeJJd6Dte5Z5tTc+t9nqZMtVZ6HvM2fl5X86yjAAHT5rBez1xlyl2p3b7Nd8v7Dj6K27nJIhfzsMML4/X0Vh397p7PEiA4r2d/Q3KvY49mp84jaahGV/5fd2XwNQozHab3su7rZx/3NNtTC8i4Atgw8eGoPfe3dkjrZbeZbpyx9mqQMToQOn8SW7m2vQBSY9+WajszWtl5Gowpt0MQg792zm57z2k96fIXskB828s69fH66fmB9C13ywpLf/z5///89b///p3bbCO3Uj780hvbZZSZr/nIMt7MtiFrP9Wx/Dw/N10m4e0rlyMzay0IqBQeru+IR7d1TvK2EcU4OS4C0S0DYLbkKLurrQgASddrQW/o9YNYJzNb1ZJXqesE45p5uj2WeLXMbXx0L+id/XIB9tmlN2kvzeOvOSdNOXxUApUFZ9467EMWeZ1kwUDdLBvcZPmkaq2WLK3AnIFEXakbiq6mOUQM2o2ZK2ci9TMCskQiHVO91m72+CDYkGUoLDuPnueNXq6n9gDxs8/wjT0aRsRRN5trTM4tcmeK2j/y0PMTyLqI3s2ZaffSfeKwJmmPsNWmwPgGzNPQxgzP9x29avKKWhK81R8e2ijh+wjsJTCCo9brC0u+BKDSo72M8JBiBweQ9nzOa13Lk6ueKmNU6ZIXcstq6Nk7yr7EChYYs+6RtPSOpR+ifgPE60BlnwfuGhfhgvtOrUNiQwXYnpPUX7ZTwHaUYcHTZOIh331cEuQEMaNYNLv3lZ+h39hqpjfJ8Sjnc7uDo66BaN5tedwBEmdPXSWFtYhfwiBnaBlcN63kWtezeu5U9LTM1m4MPtw4KYKEWCXyGq+cpfqFQJoASWAQkvvLEvn+/yH0gkHcztbTNb2NIiZ69LmRSpNAvgzedAq2jjbEU7l9ognNz+f83PjBKk7c8ltUvlk3kYVIAxXsa4BZJ3pSrUTP/rRS+u74GtPA385jt/7NhHwrsHqDN9xiM056ZKE6k4y46KXLzrFIHdJ0fah71JlMEalpywdgQLxVxikVX/S6ZZfpu6Yh3NzpkVZO+fKt5FCkYKUvjHeqyUwbcp33kkAEktQ7so/Jz8ze3TAzBktColaiDrcMECfm0PhYeT43WU0JDUsIneeBY8wNBJ88qS0IrjoRe1dEnr4cKSg197sMFSwHzFlJUgnnD71QS3p0XXxBCB9wUkJw6aiku2Dux6/3JhKk6I/ggs11EihrcPule/Zedb63GfxSYyg/CC0QR+NGhnMxiYI3ib2Vjh4blSywdyqWIrONZM5xrngPg9mSlDAYH8TzffnUfuasE7fEhYhtHJJIqhqDf8XGcGc4MI4ajXPXizJLqZ4w0tWFNvYkyfSROtG956Hzdoh1kE4UcuHJkZFXYL7J4GVRulK2hRCUpaWY1px8RE+TMmmfpS7ytNjvgjPzleS9RwnOR872uYVGGDgs7q2x9xdlg46nciE7o2mM4IuTJhEckzae49IhPW0/h9r6mr3wUd3kfMcSO6LH+Lru1XRlhn1VapsCUmFDYZqJ7+xw+DhsN8mF/p7vm5QCpJm+glszt7jeYlX4beR4wRcVvRkQytwVmzPYV+5B43tlOfm3BVmQCqLFHzVt6kF5dv7swqDEG3HDX621Ld6Eq4kaJL2+ydg8shS/cMWTO2+SM2cl15M6e805LBZykcb49NPk5qtFN3Sh2UZT9lJoj69BPpH136AcVxx+CNvQkl4xtI00hr0v2RpRU4zb2dc2mrl6CsW8xjrWcvdviyLusvXNUvaIsyl4/QwiubbVjfIoqF/fpLVsfwtMm0DH8LeQR7OseIT7+QqHzYGUgQviZ/pl/RliieWKHuU66vbrt4P32UHo3GUMZY8iSKPc+g6vR9rl21gO/ANb/8x9RHFax2fCBkD798WKwKpFxbcvKojEzc5T+6iJzaHGpd+O9S9IH2cuNO1daScCY6CfxgqEUxj820vV8T74jlzYe9rUdlmjki2WwwajmwloWliOHw5NKZaqcYhkRPntV+c7n4zsrXydy0fOo+8SwSJp4QAbIpzEtsk+4pkl6Waq8QttVFVZJL3zAFIGYdqXR9Qp9OcuzxvJKOu0BOU0yyp5tv61N3W4Dv1W3gnlBIKA1/3qAE3LD4JDK1Ff7N8ol432fZT/A5cVkeQEDAAA
.audrte.com/	1970-01-20 05:50:54	Name: arcki2_ddp Value: CAESED_iMia22wyPEk9KShcrDEs!20210804!1661358236165
.weborama.fr/	1970-01-20 14:55:13	Name: AFFICHE_W Value: mkMZSAq3Pb2a27
.exelator.com/	1970-01-20 08:22:06	Name: EE Value: "7f5da87f250ae778037703243de601ae"
.1dmp.io/	1970-01-20 14:14:54	Name: uid Value: 26ad1770-23c9-11ed-acfd-901b0e8b2a6e
.w55c.net/	1970-01-20 14:59:32	Name: wfivefivec Value: 99qDULBP1OqTaA5
.myvisualiq.net/	1970-01-20 15:05:18	Name: tuuid Value: 4ed30039-96c3-42bd-9c33-fd4f9141263e
.myvisualiq.net/	1970-01-20 15:05:18	Name: c Value: 1661358236
.myvisualiq.net/	1970-01-20 15:05:18	Name: tuuid_lu Value: 1661358236
.w55c.net/	1970-01-20 06:12:30	Name: matchadform Value: 5
.exelator.com/	1970-01-20 08:22:06	Name: ud Value: "eJxrXxzq6XKLQcE8zTQl0cI8zcjUIDHV3NzCwNjc3MDYyMQ4JdXMwDAxdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAZEl%252BUWb6IregxUUpaQyLSopPBR%252FMCAUAg8UpwQ%253D%253D"
.audrte.com/	1970-01-20 05:50:54	Name: arcki2 Value: d82DVDujGSUQuuzN6fQgSch3A!20210804!1661358236268
.mookie1.com/	1970-01-20 14:58:06	Name: id Value: 10820390686303665369
.mookie1.com/	1970-01-20 14:58:06	Name: mdata Value: 1\|10820390686303665369\|1661358236314
.mookie1.com/	1970-01-20 14:58:06	Name: ov Value: 4d011610535407ea3232916c9fd9284c
.tapad.com/	1970-01-20 06:55:42	Name: TapAd_TS Value: 1661358236353
.tapad.com/	1970-01-20 06:55:42	Name: TapAd_DID Value: f6349bd0-bc3a-486b-9be8-bcd257fb5942
.spotxchange.com/	1970-01-20 06:09:37	Name: audience Value: 26bcf4fb-23c9-11ed-9e51-199d37980206
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1661358236_1
.serving-sys.com/	1970-01-20 07:38:54	Name: u2 Value: f1b056e5-99b4-4864-8c57-69ce3ec6f9054Is060
.tapad.com/	1970-01-20 06:55:42	Name: TapAd_3WAY_SYNCS Value:
.t.co/	1970-01-20 15:05:18	Name: muc_ads Value: 41c82225-a792-47d7-aaf3-1141c79a984b
ads.samba.tv/	1970-01-20 14:59:32	Name: sambapxid Value: fe16457bac348229
.casalemedia.com/	1970-01-20 07:38:54	Name: CMTS Value: 5129
.ispot.tv/	1970-01-20 15:05:18	Name: pt Value: v2:430eba9697f583bd5759093107ff5a89427fc3ad4d075e8cc409c3f93893018e\|15f8489bde6930f571e5e62789bb22ff5656426d17c7a38fb3f29595c2033c71
.ninthdecimal.com/	1970-01-20 09:48:30	Name: ndat Value: LU+0v2MGUJyPE3RiYy+EAg==
.id5-sync.com/	1970-01-20 05:29:18	Name: cf Value:
.id5-sync.com/	1970-01-20 05:29:18	Name: cip Value:
.id5-sync.com/	1970-01-20 05:29:18	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:29:18	Name: car Value:
.id5-sync.com/	1970-01-20 05:29:18	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:29:18	Name: callback Value:
.c.bing.com/	1970-01-20 14:50:54	Name: SRM_B Value: 2D0CE87F7446632D0A68FA7575B362A5
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:50:54	Name: MUID Value: 2D0CE87F7446632D0A68FA7575B362A5
.c.clarity.ms/	1970-01-20 05:29:18	Name: ANONCHK Value: 0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://venom.com/c Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
javascript	warning	URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.bkrtx.com/js/bk-coretag.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.bkrtx.com/js/bk-coretag.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9096304.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.samba.tv
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
api.adrtx.net
assets.adobedtm.com
b.scorecardresearch.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c.bing.com
c.clarity.ms
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.clarity.ms
i.annihil.us
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
lciapi.ninthdecimal.com
lm.serving-sys.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
marvel.tt.omtrdc.net
match.adsrvr.org
match.contentexchange.me
mwzeom.zeotap.com
odr.mookie1.com
pdw-adf.userreport.com
pi.ispot.tv
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
public-prod-dspcookiematching.dmxleo.com
px.surveywall-api.survata.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s2.adform.net
s3-eu-west-1.amazonaws.com
sb.scorecardresearch.com
sc-static.net
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
sync.1dmp.io
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
t.co
t.myvisualiq.net
tags.adsafety.net
tags.bkrtx.com
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
venom.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
px.surveywall-api.survata.com
104.18.18.126
104.18.19.126
104.19.132.78
104.244.42.195
104.244.42.5
108.138.15.119
13.32.121.72
136.243.148.229
139.162.159.252
141.226.228.48
141.95.98.64
142.250.184.194
142.250.74.198
15.235.15.221
151.101.66.132
172.217.18.2
178.79.242.57
18.157.60.148
18.66.120.247
185.167.164.37
185.64.190.80
185.86.137.133
185.89.210.122
185.89.211.84
185.94.180.126
188.65.124.66
198.47.127.19
199.232.136.157
2.18.233.201
2.18.79.136
20.234.93.27
212.82.100.182
23.36.163.232
23.47.209.72
23.7.201.234
2600:1f18:612b:4216:bf1f:4380:1bf2:c0ae
2600:9000:223f:9000:1b:5138:8a40:93a1
2606:4700:10::6816:1957
2620:1ec:27::cafe:1389
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:26f0:3500:587::1e80
2a02:6ea0:c700::19
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.121.253.223
3.124.210.90
3.124.40.150
3.126.56.137
3.127.124.165
3.127.94.112
3.209.91.249
3.64.108.197
3.71.169.66
3.73.240.107
34.240.147.141
34.253.74.200
34.254.143.3
34.98.64.218
34.98.67.61
35.190.24.218
35.190.43.134
35.227.248.159
35.244.174.68
37.157.4.40
37.157.6.234
37.157.6.248
45.79.180.191
46.19.11.36
51.77.65.169
52.210.189.116
52.218.80.44
52.222.214.74
52.222.237.72
52.223.40.198
52.224.31.34
52.23.73.66
52.30.246.43
52.31.151.225
52.46.151.131
52.58.39.37
54.164.129.77
54.225.217.42
69.169.86.38
69.173.144.138
72.32.138.96
76.223.111.18
77.243.60.138
85.114.159.93
91.210.226.73
96.16.132.239
96.16.135.39
02e99527184bc2978eadc2b26a81ba2880fd3303ae197e83165f65d9f0be5a77
0978c65b094108a91eaa072e453fa99386ab2518e7958bb3a2573c4470182d23
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0af910f97a4d57695329e707e2e27fc8870324c8cf4a2bef75925d7c34a418c0
1051bda167cd024237ad896012b9dfe69d1cc39e774a515f733127bf263d2077
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
252e0c85e488cc3574471ed7211571ad207f77426690a0ae8c1bd13fc4007cbb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34da65a434d76d99155ad82012f852c1a160574c61ce24864c95c4a78b30befa
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3c11357a4cf9c8c8c615445506811623b36143d81f586978c1ae7ec7e5ab677a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3f56af20b4e1e5bbf21ad0ef040a4af61c6f2909dda117793e26f629306cb559
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
47294431730e6090be04c72b6f7765233f267765c5218271fdf08cf27028c037
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d06dee68c8191d49ee2ec3bfa11c174993cf853a684ebba59bb8d2f0583f8f4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b67b4868edfa827e6c22ef20ed8d69c35163d76a84df51d7243b656822a1c33
5c948def2b7a4453ae2f5c6bc1c7ba94f2d42b316da4ae1c82951f056948ebe3
5f5bf95851741a5ab2d210b5c8f5b2ec5964c561151ca471100508cd228f30ae
606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e
663ff8eab70b3c94152fa2e11d5cd753526e2367a467416eb5b0b2b55730e9a3
6a02ab1864187a4cf7168813c2ae2e17b0f84cdd8b64e86914b73ba2a0d3d903
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76b895796ba3227185f234d06d5dc99627e7121f9afc30b8e33a842ef90d59fc
77ed783446d00b1e37a0b20884a60272fd27f68267035aafd40eece3bf746f27
7e102e38504ed809983860fbbb54449aff8623ff9ad1eebcffe81bbc71a6fbd3
7f97c6a1ea2bf81c7d7985b58a97cacbcde60f9843da73a229d573ba35361223
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9de4f673716b252fef4a1795d755e7dc8093ff9f296fb8694bffdb65c08de02a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8d2652bbfcd895f59d7e9bb7095e5e8f67f002611001b50a761f64ae16b20f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b102eb93c07def730eca53fb022464998672643e281691954bbaf6d220d4fd85
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b417ac33be7f47360fe4c8cc9f7ed317235077d0eb3e648f13cd62bc7029eebe
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0f1f135a2ae4d7a85ecdd329fca4d549b170f7599ade2c8b8c38c2cc851b36c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cb92ab1552120973800555a5a9928b9990264e72e958ed2d77e4595700f434a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcc98914fe2648542cedb88a1c413bd96e038bf806acbb4f8429e596215abd12
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e20ff86a2187601640feadcfe9e738199ea70221b9a4bb97093c1653c7dcf5f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e761cf0d058a8e35bec470e90841328ff169ccf3a2c803e9cfb67e907db693fc
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efac46b38284140bd209eb750d50843d8c7de11b7238b1b5fadc83a22c20ce30
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

venom.com Open in urlscan Pro 72.32.138.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

59 %HTTPS

15 %IPv6

81 Domains

108 Subdomains

71 IPs

11 Countries

827 kBTransfer

1969 kBSize

116 Cookies

16 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

venom.com Open in urlscan Pro
72.32.138.96 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

59 %
HTTPS

15 %
IPv6

81
Domains

108
Subdomains

71
IPs

11
Countries

827 kB
Transfer

1969 kB
Size

116
Cookies

147 HTTP transactions
0 data transactions