www.provisioneronline.com Open in urlscan Pro
208.91.60.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.provisioneronline.com/articles/111896-blowing-smoke
Effective URL:
https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Submission: On December 30 via manual (December 30th 2021, 4:51:59 pm UTC) from IE — Scanned from DE

Summary HTTP 196 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 62 IPs in 10 countries across 50 domains to perform 196 HTTP transactions. The main IP is 208.91.60.110, located in United States and belongs to NSIHOSTING-EQX-VA, US. The main domain is www.provisioneronline.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 1st 2021. Valid for: a year.

This is the only time www.provisioneronline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	208.91.60.110 208.91.60.110	14244 (NSIHOSTIN...) (NSIHOSTING-EQX-VA)
5	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	18.66.123.144 18.66.123.144	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
9	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
6	209.58.175.20 209.58.175.20	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.66.27 151.101.66.27	54113 (FASTLY) (FASTLY)
4	52.222.248.38 52.222.248.38	16509 (AMAZON-02) (AMAZON-02)
1	35.160.232.188 35.160.232.188	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
1 3	2606:4700:20:... 2606:4700:20::ac43:44a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	52.36.211.235 52.36.211.235	16509 (AMAZON-02) (AMAZON-02)
1	44.239.49.94 44.239.49.94	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	52.35.10.191 52.35.10.191	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	54.76.84.232 54.76.84.232	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	34.221.205.23 34.221.205.23	16509 (AMAZON-02) (AMAZON-02)
1	35.83.144.163 35.83.144.163	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	209.58.165.102 209.58.165.102	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	88.212.252.22 88.212.252.22	7979 (SERVERS-COM) (SERVERS-COM)
1	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1	198.148.27.133 198.148.27.133	19189 (PULSEPOINT) (PULSEPOINT)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
1	185.239.173.210 185.239.173.210	55081 (24SHELLS) (24SHELLS)
4	3.124.208.111 3.124.208.111	16509 (AMAZON-02) (AMAZON-02)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
15	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.186 54.36.109.186	16276 (OVH) (OVH)
196	62

36 208.91.60.110 (United States) 1 redirects

ASN14244 (NSIHOSTING-EQX-VA, US)
PTR: provisioneronline.com

www.provisioneronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-144.fra60.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

5120040.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.hbmp.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 204.180.130.159 (United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.58.175.20 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ghb.hbmp.mediafuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.248.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-248-38.fra60.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.232.188 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-232-188.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-34-221-205-23.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.211.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-211-235.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.49.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-49-94.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.35.10.191 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-10-191.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.132 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.84.232 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-84-232.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.221.205.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-221-205-23.us-west-2.compute.amazonaws.com

v4-api-34-221-205-23.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.144.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-144-163.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.165.102 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.252.22 (Russian Federation)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.208.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-208-111.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	provisioneronline.com 1 redirects www.provisioneronline.com	1 MB
16	googlesyndication.com pagead2.googlesyndication.com 7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com tpc.googlesyndication.com	301 KB
16	doubleclick.net 2 redirects 5120040.fls.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	161 KB
15	yahoo.com c2shb.ssp.yahoo.com	2 KB
11	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	16 KB
11	omeda.com olytics.omeda.com oqs.omeda.com	79 KB
9	mediafuse.com player.mediafuse.com player.hbmp.mediafuse.com ghb.hbmp.mediafuse.com	163 KB
8	criteo.com 2 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
6	google.com adservice.google.com www.google.com	2 KB
5	adsrvr.org 3 redirects insight.adsrvr.org match.adsrvr.org	2 KB
4	sharethrough.com btlr.sharethrough.com	481 B
4	pubmatic.com 2 redirects image2.pubmatic.com hbopenbid.pubmatic.com	813 B
4	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	4 KB
4	googletagservices.com www.googletagservices.com	109 KB
4	b2c.com 1 redirects api-34-221-205-23.b2c.com v4-api-34-221-205-23.b2c.com	7 KB
4	boltdns.net cf-images.us-east-1.prod.boltdns.net	88 KB
4	google-analytics.com www.google-analytics.com	22 KB
4	gstatic.com fonts.gstatic.com	68 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
3	rubiconproject.com fastlane.rubiconproject.com	4 KB
3	1rx.io 2 redirects sync.1rx.io tag.1rx.io	1 KB
3	adtelligent.com sync.adtelligent.com Failed player.adtelligent.com ghb.adtelligent.com ghb1.adtelligent.com	5 KB
3	google.co.uk 1 redirects adservice.google.co.uk	1 KB
2	criteo.net static.criteo.net	54 KB
2	e-planning.net 1 redirects pbjs.e-planning.net	1 KB
2	openx.net u.openx.net adtelligent-d.openx.net	517 B
2	360yield.com 2 redirects ad.360yield.com	684 B
2	smartadserver.com 1 redirects sync.smartadserver.com	419 B
2	brightcove.com edge.api.brightcove.com	21 KB
2	ml314.com ml314.com	13 KB
1	id5-sync.com id5-sync.com	543 B
1	lijit.com ap.lijit.com	3 KB
1	contextweb.com bid.contextweb.com	193 B
1	a-mo.net prebid.a-mo.net	354 B
1	betweendigital.com ads.betweendigital.com	921 B
1	media.net prebid.media.net	831 B
1	creativecdn.com prebid-us.creativecdn.com	187 B
1	sonobi.com apex.go.sonobi.com	785 B
1	admixer.net inv-nets.admixer.net	515 B
1	onetag-sys.com onetag-sys.com	372 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	511 B
1	aufp.io aufp.io	3 KB
1	hybrid.ai dm.hybrid.ai	238 B
1	fouanalytics.com api.fouanalytics.com	969 B
1	addthisedge.com v1.addthisedge.com	1005 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	663 B
1	googletagmanager.com www.googletagmanager.com	45 KB
1	moatads.com z.moatads.com	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	adxpremium.services Failed rtb.adxpremium.services Failed
196	50

	Domain	Requested by
36	www.provisioneronline.com	1 redirects www.provisioneronline.com
15	c2shb.ssp.yahoo.com	player.hbmp.mediafuse.com
11	securepubads.g.doubleclick.net	www.provisioneronline.com securepubads.g.doubleclick.net www.googletagservices.com
9	olytics.omeda.com	www.googletagmanager.com www.provisioneronline.com olytics.omeda.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	ids.ad.gt	1 redirects www.provisioneronline.com
7	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	ghb.hbmp.mediafuse.com	player.hbmp.mediafuse.com
4	gum.criteo.com	2 redirects static.criteo.net
4	btlr.sharethrough.com	player.hbmp.mediafuse.com
4	www.googletagservices.com	olytics.omeda.com securepubads.g.doubleclick.net
4	cf-images.us-east-1.prod.boltdns.net	www.provisioneronline.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
3	mug.criteo.com
3	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
3	fastlane.rubiconproject.com	player.hbmp.mediafuse.com
3	api-34-221-205-23.b2c.com	1 redirects www.provisioneronline.com
3	adservice.google.co.uk	1 redirects securepubads.g.doubleclick.net
3	adservice.google.com	5120040.fls.doubleclick.net securepubads.g.doubleclick.net
3	5120040.fls.doubleclick.net	1 redirects www.provisioneronline.com adservice.google.com
3	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net 5120040.fls.doubleclick.net
3	s7.addthis.com	www.provisioneronline.com s7.addthis.com
2	static.criteo.net	player.hbmp.mediafuse.com static.criteo.net
2	pbjs.e-planning.net	1 redirects www.provisioneronline.com
2	hbopenbid.pubmatic.com	player.hbmp.mediafuse.com
2	ib.adnxs.com	player.hbmp.mediafuse.com
2	sync.1rx.io	2 redirects
2	ad.360yield.com	2 redirects
2	sync.smartadserver.com	1 redirects www.provisioneronline.com
2	cm.g.doubleclick.net	1 redirects www.provisioneronline.com
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure.adnxs.com	2 redirects
2	oqs.omeda.com	olytics.omeda.com
2	edge.api.brightcove.com	www.provisioneronline.com
2	ml314.com	www.provisioneronline.com ml314.com
2	player.hbmp.mediafuse.com	player.mediafuse.com player.hbmp.mediafuse.com
1	id5-sync.com	player.hbmp.mediafuse.com
1	7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ghb1.adtelligent.com	player.hbmp.mediafuse.com
1	adtelligent-d.openx.net	player.hbmp.mediafuse.com
1	tag.1rx.io	player.hbmp.mediafuse.com
1	ap.lijit.com	player.hbmp.mediafuse.com
1	bid.contextweb.com	player.hbmp.mediafuse.com
1	prebid.a-mo.net	player.hbmp.mediafuse.com
1	ads.betweendigital.com	player.hbmp.mediafuse.com
1	ghb.adtelligent.com	player.hbmp.mediafuse.com
1	prebid.media.net	player.hbmp.mediafuse.com
1	prebid-us.creativecdn.com	player.hbmp.mediafuse.com
1	apex.go.sonobi.com	player.hbmp.mediafuse.com
1	inv-nets.admixer.net	player.hbmp.mediafuse.com
1	onetag-sys.com	player.hbmp.mediafuse.com
1	bidder.criteo.com	player.hbmp.mediafuse.com
1	player.adtelligent.com	player.hbmp.mediafuse.com
1	u.openx.net	www.provisioneronline.com
1	pixels.ad.gt	p.ad.gt
1	v4-api-34-221-205-23.b2c.com	www.provisioneronline.com
1	sync.targeting.unrulymedia.com	1 redirects
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	dm.hybrid.ai	www.provisioneronline.com
1	api.fouanalytics.com	player.hbmp.mediafuse.com
1	a.ad.gt	player.hbmp.mediafuse.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	d1eoo1tco6rr5e.cloudfront.net	www.provisioneronline.com
1	player.mediafuse.com	www.provisioneronline.com
1	www.googletagmanager.com	www.provisioneronline.com
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	www.provisioneronline.com
0	rtb.adxpremium.services Failed	player.hbmp.mediafuse.com
0	sync.adtelligent.com Failed	player.hbmp.mediafuse.com www.provisioneronline.com
196	73

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
bnp.dragonforms.com
www.clearseasresearch.com
www.bnpmedia.com
www.myclearopinionpanel.com
www.epublishing.com

Subject Issuer	Validity	Valid
provisioneronline.com Go Daddy Secure Certificate Authority - G2	`2021-03-01` - `2022-03-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
player.mediafuse.com R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
player.hbmp.mediafuse.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2021-07-16` - `2022-07-21`	a year	crt.sh
ghb.hbmp.mediafuse.com ZeroSSL ECC Domain Secure Site CA	`2021-12-08` - `2022-03-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-09` - `2022-11-08`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
aufp.io Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
player.adtelligent.com R3	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-08` - `2022-03-08`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.a-mo.net R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-11` - `2022-03-11`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Frame ID: BE49323A4CAFC914BD90269F9BCA90B4
Requests: 154 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
Frame ID: 1FBFBD3000B081991B1F113EC2C0B963
Requests: 2 HTTP requests in this frame

Frame: https://5120040.fls.doubleclick.net/activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474
Frame ID: CDF334F05E54835DF1F35EAD1390CC16
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FD9F046F9362A5F6BD5F1A6674AFD8A7
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 37D3D6DDBA797CA53775E4928797F041
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/
Frame ID: 3C6DFF8091896E0B5FA8EF9D860A8640
Requests: 1 HTTP requests in this frame

Frame: https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/
Frame ID: CDEAD4BA886A06564B90A587D27240D5
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ea995a08-c3ff-4611-90d6-6334ea27d141
Frame ID: 8D7646DD91B22EA89BBC4914673EF98F
Requests: 1 HTTP requests in this frame

Frame: https://7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0CA8E92FDA55395C0D560240331B4008
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4900A391336EF614AB85651D35E58145
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D9B7E7D59528D15EA8A832FFA1D9091
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwZAlL2FJeBaJqH3o9vKawdv0_th4L5oj5SdQ3XjBmUYAFaNfsWXxg1IIgW7zFIJnJAgvJxNAey99c5ZPyBS7iv_GVdGmozWvlkZvSt296nzwgyd4youN921YhR4-oQEr1uFAh8HQnHm7APG_f3ST9XYVErUHJq4OqzF70XqntKzTIiLOUY-krkjQE72kdL85yFU5x2eDUkjI6ClUbdfMsliPkhNaS2rdge0ZMQqtmYtm9sUEUgEF5sQcJh5gOxhEH_qcXsKZnIOrfizAgSEoAgCJFeJSSHGz40RFPmwVCyuYKoy8k3Zf_QJDZWtQqLfO8P_BJc4sJCIX3IA3t7k36&sig=Cg0ArKJSzOmsB5wUMH9tEAE&uach_m=[UACH]&adurl=
Frame ID: 750C48682933E7C5DB2749FE0A21D349
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZhy3R81_7uTGBT_Sodi7MOpYGRBP51Hp84KWEcoZhlfe5whcoR714S0tMo5NEyqYlsaxhfwZ4yBUQXhvQX0AsjJqHt7iygoLI32TsZ4cs-I5w_L2KAXRS3go1SEzgRzzvpEzPUG_iwj8uppWS8YI6qJeudnrES9ucyN8VJWwsDMnm8GFCOVwvav29Roc3nxLX7WlarbS0fjhB4-02Sjf14ixODS0pxfhEoR_J2Ucf9cheJnVBDFr9jphcE6YS1SM0Ge5Y7cwiPbQHTQEDw0xcwnbjUB3jSxk6xoHHAoBqxdpIv_WA_nRXvyQRlGWBiujSYtdOC0qKUW4jsvA04zbIQvHf91oC8M6NWuNJBOnRMxM&sig=Cg0ArKJSzESQ90mMcYKkEAE&uach_m=[UACH]&adurl=
Frame ID: 433DD46BEF67DA27AD67C947D8140034
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2d6fCHT3J_WSQr-5nwQQcfvr33gYHkrUR6tMSE_WKbwY6O5Sit_2fYSLtA8Ts2KroKPq4DuFATRZoKHLkZwG-R8C03vGkNODLUiIEz2JHJot6TZWyW0sdyNIMkhQtYMhBB9X9ZfF3SlwZmi4B0EYXiwhBH7xoWP5kCkornm1E-A6ktmQdVg0ra4TtL8n6ma0NcFgqp6W0Rjml6_LVXfuc-q7XmHN4M4TO8eAbzZkBhvoJXdQ0fHSwC82_YcnAu-KJmqkkz7UnOl_9kFDwqXhNBVxhWUY-kWiKO3dUpd4TYfwkOSydQWl3svE_0TyKV7Whrbw6SZAzZit3qTfcrT5HYXEstO8-dnIJh937bC0pO-eSlQ&sig=Cg0ArKJSzA0B6bVEJoTmEAE&uach_m=[UACH]&adurl=
Frame ID: 5C6B5ECA911361CB72925D283D0A6B3F
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.provisioneronline.com
Frame ID: 3A3E5982B321E4721F28346416D49658
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

| The National ProvisionerProvisioner logoProvisioner logoProvisioner logoProvisioner logoProvisioner logoProvisioner logoProvisioner logoProvisioner logoProvisioner logoProvisioner logo

Page URL History Show full URLs

https://www.provisioneronline.com/articles/111896-blowing-smoke HTTP 302
https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-... Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

196
Requests

92 %
HTTPS

26 %
IPv6

50
Domains

73
Subdomains

62
IPs

10
Countries

2666 kB
Transfer

6136 kB
Size

71
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/NationalProvisioner
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NatProvisioner
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-national-provisioner
Title: linkedin

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/NationalProvisioner
Title: youtube

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/loading.do?pk=X.W.ENEWS&_ga=2.8170354.1508995687.1633934505-681450597.1621267133&omedasite=NPeNews
Title: eNewsletters

Search URL Search Domain Scan URL

URL: https://www.clearseasresearch.com/
Title: Market Research

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/NPeMagazineSubscription?pk=X_W_HOME
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/init.do?pk=RSIGN&returnurl=https://www.provisioneronline.com/user/postlogin?redirect=https://www.provisioneronline.com/&omedasite=BNP6357_PROVIS550login
Title: Sign In

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/init.do?pk=RREGI&returnurl=https://www.provisioneronline.com/user/postlogin?redirect=https://www.provisioneronline.com/&omedasite=BNP6357_PROVIS550create
Title: Create Account

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/BNP6213_NPdigital?pk=W.HOME
Title: eMagazine Subscriptions

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/BNP6357_PROVIS550create&pk=RHOME
Title: Online Registration

Search URL Search Domain Scan URL

URL: https://twitter.com/natprovisioner

Search URL Search Domain Scan URL

URL: https://bnp.dragonforms.com/NPeMagazineSubscription?pk=X_W_PROMOEC
Title: SUBSCRIBE TODAY!

Search URL Search Domain Scan URL

URL: https://www.bnpmedia.com/direct-marketing/?oly_enc_id=
Title: List Rental

Search URL Search Domain Scan URL

URL: http://www.myclearopinionpanel.com/contact-us/
Title: Survey And Sample

Search URL Search Domain Scan URL

URL: https://www.bnpmedia.com/privacy?oly_enc_id=
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.bnpmedia.com/terms?oly_enc_id=
Title: TERMS & CONDITIONS

Search URL Search Domain Scan URL

URL: https://www.bnpmedia.com/do-not-sell?oly_enc_id=
Title: DO NOT SELL MY PERSONAL INFORMATION

Search URL Search Domain Scan URL

URL: https://www.bnpmedia.com/data-request?oly_enc_id=
Title: PRIVACY REQUEST

Search URL Search Domain Scan URL

URL: https://www.bnpmedia.com/accessibility?oly_enc_id=
Title: ACCESSIBILITY

Search URL Search Domain Scan URL

URL: http://www.epublishing.com/
Title: ePublishing

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.provisioneronline.com/articles/111896-blowing-smoke HTTP 302
https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://insight.adsrvr.org/tags/h83y0ff/v79hgpl/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe

Request Chain 20

https://5120040.fls.doubleclick.net/activityi;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474 HTTP 302
https://5120040.fls.doubleclick.net/activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474

Request Chain 62

https://adservice.google.co.uk/ddm/fls/i/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/ HTTP 302
https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/

Request Chain 76

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ea995a08-c3ff-4611-90d6-6334ea27d141

Request Chain 88

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&adnxs_id=1123660468915283092

Request Chain 89

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=8501595a-a0f4-45db-b44b-6b8d917f7263 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=8501595a-a0f4-45db-b44b-6b8d917f7263 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=323fb64c-037e-4225-8d05-5085901d4103&id=8501595a-a0f4-45db-b44b-6b8d917f7263

Request Chain 90

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D8501595a-a0f4-45db-b44b-6b8d917f7263 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D8501595a-a0f4-45db-b44b-6b8d917f7263 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=6790B737-1A09-4C19-99D6-0EA5608090FA&id=8501595a-a0f4-45db-b44b-6b8d917f7263

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=8501595a-a0f4-45db-b44b-6b8d917f7263 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&google_gid=CAESEPMPFBqFk5xj-g2ojwfAzhE&google_cver=1&google_ula=450542624,0

Request Chain 92

https://ids.ad.gt/api/v1/g_hosted?id=8501595a-a0f4-45db-b44b-6b8d917f7263 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ODUwMTU5NWEtYTBmNC00NWRiLWI0NGItNmI4ZDkxN2Y3MjYz

Request Chain 93

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26sas_uid%3D%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&sas_uid=[sas_uid]&cklb=1

Request Chain 94

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&impr_uid=6bbaa3dd-945f-4643-8f54-5c236fd4e320

Request Chain 95

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26unruly_id%3D%5BRX_UUID%5D&cb=1640883112982 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26unruly_id%3DRX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=8501595a-a0f4-45db-b44b-6b8d917f7263&unruly_id=RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003

Request Chain 96

https://api-34-221-205-23.b2c.com/api/x?pMKRMCvTRUwz3bMo$dXJsJDAkaHR0cHM6Ly93d3cucHJvdmlzaW9uZXJvbmxpbmUuY29tL2dkcHItcG9saWN5P3VybD1odHRwcyUzQSUyRiUyRnd3dy5wcm92aXNpb25lcm9ubGluZS5jb20lMkZhcnRpY2xlcyUyRjExMTg5Ni1ibG93aW5nLXNtb2tlIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTYwMHgxMjAwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkMSIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC45MyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDQiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQzJDEiLCJ3ZWJnbCQxMCQxIiwid2ViZ2wyJDEwJDEiLCJ3ZWJnbC12ZW5kb3IkMTAkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDEwJEludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsIndlYmdsLWV4dGVuc2lvbnMkMTEkOWRmZDI1NTkiLCJ0aW1lJDExJDE2NDA4ODMxMTIxNTMiLCJ0aW1lem9uZSQxMSQwIiwicGx1Z2lucy10aW1lJDExJDAuMSIsInBsdWdpbnMkMTEkYjZkMDU1NTgiLCJtZW0tdG90YWxKU0hlYXBTaXplJDExJDIzLjEiLCJtZW0tdXNlZEpTSGVhcFNpemUkMTEkMjAuNSIsIm1lbS1qc0hlYXBTaXplTGltaXQkMTEkMzc2MCIsInRpbWUtcmVkaXJlY3RFbmQkMTEkODI4IiwidGltZS1mZXRjaFN0YXJ0JDExJDgyOCIsInRpbWUtZG9tYWluTG9va3VwU3RhcnQkMTEkODI4IiwidGltZS1kb21haW5Mb29rdXBFbmQkMTEkODI4IiwidGltZS1jb25uZWN0U3RhcnQkMTEkODI4IiwidGltZS1jb25uZWN0RW5kJDExJDgyOCIsInRpbWUtcmVxdWVzdFN0YXJ0JDExJDgzMCIsInRpbWUtcmVzcG9uc2VTdGFydCQxMSQxMTI2IiwidGltZS1yZXNwb25zZUVuZCQxMSQxMTMwIiwidGltZS1kb21Mb2FkaW5nJDExJDExMzciLCJ0aW1lLWRvbUludGVyYWN0aXZlJDExJDE4OTMiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0JDExJDE4OTMiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQxMSQxOTA2IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDExJDEiLCJuYXZpZ2F0aW9uLXR5cGUkMTEkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMjIkMC41IiwiZ2xvYmFscyQyMyQ0MGVhMDY4NyIsImRvY3VtZW50LXRpbWUkMzUkMi44IiwiZG9jdW1lbnQkMzYkNTYwZmY0MTQiLCJjb25uZWN0aW9uJDM2JCIsImRvd25saW5rTWF4JDM2JCIsImdldFVzZXJNZWRpYSQzNiQyIiwicGFnZS1mcmFtZS1jb3VudCQzNyQ0IiwicGFnZS1mcmFtZS1saXN0JDM3JDB4MCNzNy5hZGR0aGlzLmNvbSAweDAjaW5zaWdodC5hZHNydnIub3JnIDB4MCM1MTIwMDQwLmZscy5kb3VibGVjbGljay5uZXQgMHgwI2NzeW5jLmxvb3BtZS5tZSIsInBhZ2UtaGFzaC10aW1lJDQzJDUuOCIsInBhZ2UtaGFzaCQ0MyRkMTU2Y2RjNSIsImNsb2NrJDQ3JDM4OTgiLCJiYXR0ZXJ5JDUwJDEgMSAwIEluZmluaXR5IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQ1MCRwcm9tcHQiLCJpbnRlcnNlY3Rpb24tc2l6ZSQ1MCQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kNTAkNDQiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkNTEkcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkNTEkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDUxJHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDUxJHByb21wdCIsImF1ZGlvY29udGV4dCQ4MCRmN2U3MTJkOSIsInNvcnQkMTEyJDIwIiwiYWRibG9jayQxMTMkMCIsImZyYW1lcmF0ZSQxNjAkODA~ HTTP 302
https://v4-api-34-221-205-23.b2c.com:444/api/4?pMKRMCvTRUwz3bMo

Request Chain 130

https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.provisioneronline.com/ROS?rnd=0.894444312828891&e=728x90_0%3A728x90%2C970x250%2C970x90%2B300x600_0%3A300x600%2C160x600%2B300x250_0%3A300x250&ur=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&pbv=5.20.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&e_pubcid=5ef97d69-a768-4e05-aa58-fe376ca1fe99 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/www.provisioneronline.com/ROS?ct=1&r=pbjs&rnd=0.894444312828891&e=728x90_0%3A728x90%2C970x250%2C970x90%2B300x600_0%3A300x600%2C160x600%2B300x250_0%3A300x250&ur=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&pbv=5.20.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&e_pubcid=5ef97d69-a768-4e05-aa58-fe376ca1fe99

Request Chain 191

https://gum.criteo.com/sid/json?origin=publishertag&domain=provisioneronline.com&sn=ChromeSyncframe&so=0&topUrl=www.provisioneronline.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kN2wHnxVMFpiK1BIOG9YWEpHbk1DMnE1ei95Rmo2eEpTODIreFVyQkRSVk1KelVES0hsRHYyTjRTZlZEOEhpbUhWZG5xNmJMNEg5VzhoQ1NXM0FTZXpZOWtyanBLUUdCSXM5T0NZS3VEUlFoYURwSW84Si9nT1dDeWFuQzM4Sk5NRy82TTh3ZWtUUjZpQy9GSUdkYm1ZYjhYQVhMSHBqMzlzeFN3U3JtU2xLbVd5OUpEVFV4djhvMmhuMVJ1UldaMGtvVUV3OEY4UnpLQmxycHZlQWNrM3YxTldxMURKbllCUDVIRjAvRDEzeXovRmdVcEdXSm1GWDVoYTJ4dHYwODlrdVNBRmlZb3lmdkZhTFdSWC9veUFDWUVTTG5nRWNzVTVZalhtaFMyVlV5SXFoYz18&cppv=2

Request Chain 195

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.provisioneronline.com%2F&domain=www.provisioneronline.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kFZruHx4Q3NOY3VsSGliNDBVV0hCSUFLcjAxRkcvN0VHR3lvNkxvaUFvQnYrZGxUbkNDbXdGVys3U3dUR3dGc2U3U0hvRGtrclV0MENWLzQvVGVvRFgzdmwwb0MwME1vOGtzVDFPUmpjZWNwSTVtTStJVXY5ZTdFSUJDVXFncFNzUUZxbXJibnErd3RDSVIzMEhwWlhvQVArbVpZNVU5L3N0cGpvd2pHdHZnSzN2d24valhFcUMvdldvS216MDZheVhrTjkvSnRHbm1WU05ZNGxLcjFjWlNBRndIei9FTlFGbkErcnUvTG5KWThlRzZDblpWS2t0YmFvL2Q2SGJrbnR0RmhrVU54R1oxWXRvRDIwSzhDRnhQWWxmSW9hWWcvVU1wTm5ST1FQVFNJaHFWOD18&cppv=2

196 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request gdpr-policy Show response
www.provisioneronline.com/
Redirect Chain

https://www.provisioneronline.com/articles/111896-blowing-smoke
https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

75 KB
16 KB

297ms
297ms

Document
text/html

208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

61f4256f835e8de08a9dee6ec958812a4a5dd618fbb9675975b678c16e162485

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 30 Dec 2021 16:51:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14622
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ETag: W/"c183ed8b42b9b21a0a5717149f759a46"
Cache-Control: max-age=0, private, must-revalidate, private
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Age: 0
Via: 1.1 varnish
Vary: Accept-Encoding, User-Agent
X-Cache: MISS
Allow-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

Redirect headers

Server: nginx
Date: Thu, 30 Dec 2021 16:51:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 189
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000
Age: 0
Via: 1.1 varnish
Vary: User-Agent
X-Cache: MISS
Allow-Ranges: bytes
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 54ms
9ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 30 Dec 2021 16:51:50 GMT
x-host: s7.addthis.com
content-length: 116406

GET
H/1.1 200
OK application-v2.css
www.provisioneronline.com/stylesheets/ 583 KB
80 KB 182ms
182ms Stylesheet
text/css 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/stylesheets/application-v2.css

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

e4e4d55ecc78ec3938ebda189d67d101fc0b5306a35bb9b2c6bec949d3c656d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:50 GMT
Content-Encoding: gzip
Age: 771
X-Cache: HIT
Connection: keep-alive
Content-Length: 81267
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-91a57"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af7233c4a245971a38104ccb4caf53766d1b53a4331f6be176d012f9702560eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 16:48:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 16:51:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 16:51:50 GMT

GET
H/1.1 200
OK provisioneronline.css
www.provisioneronline.com/ext/resources/ 201 B
759 B 281ms
94ms Stylesheet
text/css 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/ext/resources/provisioneronline.css

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

414774c1c10e53871d456e35b61ff643dd4239ff383e83ba5ec47bfdfca10c07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Via: 1.1 varnish
Age: 674
X-Cache: HIT
Content-Disposition: inline; filename="provisioneronline.css"
Connection: keep-alive
Content-Length: 201
Last-Modified: Thu, 25 Apr 2019 15:40:24 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "5cc1d4e8-c9"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: text/css
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK jade.default.min.js Show response
www.provisioneronline.com/javascripts/ 210 KB
71 KB 387ms
191ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/jade.default.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

dbafc138ec0b7bd9ddbf5bdf1aebc7bd1648c32705185e43e9857555541b543d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 673
X-Cache: HIT
Connection: keep-alive
Content-Length: 72019
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-349c5"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK application.js Show response
www.provisioneronline.com/javascripts/ 13 KB
5 KB 303ms
102ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/application.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

5c16c6e3c342266205074b7177d4488e8332e94c01adfdb9ad6bf5c97251f495

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 519
X-Cache: HIT
Connection: keep-alive
Content-Length: 4262
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-336c"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK NP-2021Top100Processors-315.png
www.provisioneronline.com/ext/resources/Custom-Content/2021/redesignCC/ 27 KB
27 KB 100ms
99ms Image
image/png 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provisioneronline.com/ext/resources/Custom-Content/2021/redesignCC/NP-2021Top100Processors-315.png

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

f565ae4673102a1491f7e34e660065cccf2e3e011bd3d4e5b558eb7bc61edf49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Via: 1.1 varnish
Age: 462
X-Cache: HIT
Content-Disposition: inline; filename="NP-2021Top100Processors-315.png"
Connection: keep-alive
Content-Length: 27394
Last-Modified: Tue, 04 May 2021 16:11:07 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "6091721b-6b02"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK NP_twitter_head_315px.png
www.provisioneronline.com/ext/resources/Custom-Content/2021/ 12 KB
12 KB 98ms
97ms Image
image/png 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provisioneronline.com/ext/resources/Custom-Content/2021/NP_twitter_head_315px.png

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

2cb5d7199f312df8e6dee2b7dc7ae8e59a412327bd034a2815d83d025daa78be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Via: 1.1 varnish
Age: 462
X-Cache: HIT
Content-Disposition: inline; filename="NP_twitter_head_315px.png"
Connection: keep-alive
Content-Length: 12154
Last-Modified: Tue, 13 Jul 2021 18:04:07 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "60edd597-2f7a"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK advances.jpg
www.provisioneronline.com/ext/resources/images/2019/thumb/ 5 KB
6 KB 96ms
95ms Image
image/jpeg 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provisioneronline.com/ext/resources/images/2019/thumb/advances.jpg?1552860685

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

c862ab5897edd93789e67dc24b19e41c67e75ec3afa70bee6a096e6a1437581e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Via: 1.1 varnish
Age: 78313
X-Cache: HIT
Content-Disposition: inline; filename="advances.jpg"
Connection: keep-alive
Content-Length: 5096
Last-Modified: Sun, 17 Mar 2019 22:11:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "5c8ec60d-13e8"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: max-age=86400, public
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes
Expires: Thu, 30 Dec 2021 19:06:37 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 43ms
8ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37815
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK print.css
www.provisioneronline.com/stylesheets/ 518 KB
74 KB 101ms
101ms Stylesheet
text/css 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/stylesheets/print.css

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

65f14cae897206ec3350b61c975a6202d30bdd4df2e1002c2b12be979fbc36d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 462
X-Cache: HIT
Connection: keep-alive
Content-Length: 74752
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-819a5"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 55ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRZMVCV

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14d78c2c856489336bca4fa064d479e4b9990fe3c1bb9fad019e94b652761f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46016
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Dec 2021 16:51:51 GMT

GET
H2 200 wrapper_hb_302826_5912.js Show response
player.mediafuse.com/prebidlink/455800/ 1 KB
843 B 51ms
6ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.mediafuse.com/prebidlink/455800/wrapper_hb_302826_5912.js
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4683362f4baa0d942f1a4fecbc0b90a5f24f4ad9e8d11e44f04f7e317e9e6ab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 19:09:41 GMT
server: nginx
etag: W/"61ccb275-421"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 30 Dec 2021 17:51:51 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v8/ 16 KB
17 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.provisioneronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:14:00 GMT
x-content-type-options: nosniff
age: 149871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:18:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 23:14:00 GMT

GET
H/1.1 200
OK NP_webimage.jpg
www.provisioneronline.com/ext/resources/Custom-Content/ 725 KB
726 KB 197ms
196ms Image
image/jpeg 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provisioneronline.com/ext/resources/Custom-Content/NP_webimage.jpg?1620052588

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

0d729b3356d3859510dd329559f90fa2bcf4a3d358ae785452374d40eef78520

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Via: 1.1 varnish
Age: 78313
X-Cache: HIT
Content-Disposition: inline; filename="NP_webimage.jpg"
Connection: keep-alive
Content-Length: 742432
Last-Modified: Mon, 03 May 2021 14:36:27 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "60900a6b-b5420"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/jpeg
Cache-Control: max-age=86400, public
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes
Expires: Thu, 30 Dec 2021 19:06:38 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.provisioneronline.com/fonts/ 82 KB
82 KB 185ms
185ms Font
application/font-woff 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/stylesheets/application-v2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.provisioneronline.com/stylesheets/application-v2.css
Origin: https://www.provisioneronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Via: 1.1 varnish
Age: 164847
X-Cache: HIT
Connection: keep-alive
Content-Length: 83760
Last-Modified: Tue, 28 Dec 2021 07:10:27 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "61cab863-14730"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: application/font-woff
Cache-Control: public, max-age=31536000
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.provisioneronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:17:52 GMT
x-content-type-options: nosniff
age: 149639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17112
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:15:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 23:17:52 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 31ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.provisioneronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 18:02:31 GMT
x-content-type-options: nosniff
age: 168560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 18:02:31 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800,900|Lora:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.provisioneronline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 18:02:41 GMT
x-content-type-options: nosniff
age: 168550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17228
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 18:02:41 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/ Frame 1FBF
Redirect Chain

https://insight.adsrvr.org/tags/h83y0ff/v79hgpl/iframe
https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe

133 B
663 B

237ms
12ms

Document
text/html

18.66.123.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-144.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8132a9d2e685a073675485064e57fd21ef1f6c6d04ab456d992e5bff7782567

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

Content-Type: text/html
Content-Length: 133
Connection: keep-alive
Last-Modified: Sat, 02 Oct 2021 00:04:48 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 30 Dec 2021 07:37:26 GMT
Cache-Control: max-age=86400
ETag: "f1538c2bff150b29cbb7724d0ad1bd54"
X-Cache: Hit from cloudfront
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Cf-Id: ctLGebLW0fXdM_Jx2wu2QY9cv7rta334pDyt-PxB3Y_9bY8pvjB3AQ==
Age: 33266

Redirect headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2

200

activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474 Show response
5120040.fls.doubleclick.net/ Frame CDF3
Redirect Chain

https://5120040.fls.doubleclick.net/activityi;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474?
https://5120040.fls.doubleclick.net/activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474?

446 B
523 B

20ms
19ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5120040.fls.doubleclick.net/activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474?

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

54ac7319ccbc7fb967412f2d16ae9ca31255c9d8bb1ebcb6b0a5b34d0912a52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Dec 2021 16:51:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Dec 2021 16:51:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5120040.fls.doubleclick.net/activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5159f27a1160d2b2/ 3 KB
1005 B 79ms
71ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5159f27a1160d2b2/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 27dfb65627347715ebcea51267da3923de00100e9474dd40988d0048dbbac0b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
etag: 264470374--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=40, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 830

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 257ms
234ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61cde3a6df5a5f38&bkl=0&bl=1&pdt=1182&sid=61cde3a6df5a5f38&pub=ra-5159f27a1160d2b2&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.provisioneronline.com&fp=gdpr-policy&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=provisioner%2Cnational%20provisioner%2Cmeat%2Cprotein%2Cpoultry%2Cpork%2Cturkey%2Cchicken%2Cbeef%2Cseafood%2Cfish%2Cprocessing%2Cpackaging%2Cfood%20safety%2Cmaterial%20handling%2Cproduct%20development%2Cingredients%2Cformulation%2Cregulations&colc=1640883111024&jsl=1&uvs=61cde3a6a1413c44000&skipb=1&callback=addthis.cbs.jsonp__99928374998310290
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c49e4c5b75b5d99ab5a21c80fa93310d4924da96f368129e23c96992bfc323c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:51 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FD9F 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 37D3 71 KB
26 KB 36ms
36ms Document
text/html 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 30 Dec 2021 16:51:51 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK add-this-toolbox.js Show response
www.provisioneronline.com/javascripts/app/components/ 3 KB
2 KB 95ms
95ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/components/add-this-toolbox.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

4fda3ee207f446d23c68553d5cc01858cdaab99c03aa6aa9dc5d5de5568f34fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 667
X-Cache: HIT
Connection: keep-alive
Content-Length: 1022
Last-Modified: Tue, 28 Dec 2021 07:10:27 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab863-a4b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK mobile-nav.js Show response
www.provisioneronline.com/javascripts/app/ 3 KB
2 KB 188ms
92ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/mobile-nav.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

08853164eedfa60c07f77bb8d7162d0c8724eb87fde8333ed00876c9cba315ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 280
X-Cache: HIT
Connection: keep-alive
Content-Length: 1036
Last-Modified: Tue, 28 Dec 2021 07:10:26 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab862-caf"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK nav-quick-return.js Show response
www.provisioneronline.com/javascripts/app/ 2 KB
1 KB 203ms
98ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/nav-quick-return.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

4b8985f4d14549d9b4f926bcd5e7834c70eeea6462c8557981bb61acb35bc545

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 669
X-Cache: HIT
Connection: keep-alive
Content-Length: 858
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-861"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK quick-search.js Show response
www.provisioneronline.com/javascripts/app/ 2 KB
1 KB 176ms
95ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/quick-search.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

9a6bf0a6e2eb1b64d0823e7a6b41430390a384de43380f44a10e03f296bf5b93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 280
X-Cache: HIT
Connection: keep-alive
Content-Length: 792
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-75b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK user-actions.js Show response
www.provisioneronline.com/javascripts/app/ 1 KB
882 B 182ms
98ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/user-actions.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

ed809fc9518b8f5164e45e3da013e15feea32f290b91c5cff5c92cf61cbf0ce9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 649
X-Cache: HIT
Connection: keep-alive
Content-Length: 329
Last-Modified: Thu, 23 Dec 2021 20:08:21 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d735-410"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK follow-scroll.js Show response
www.provisioneronline.com/javascripts/app/ 10 KB
3 KB 125ms
117ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/follow-scroll.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

00fba0f0699a539ababcbfdbf562c25e809dbf5a78c02d5f7db18e691ae61785

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 668
X-Cache: HIT
Connection: keep-alive
Content-Length: 2385
Last-Modified: Thu, 23 Dec 2021 20:08:21 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d735-263c"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK sponsored-content-help.js Show response
www.provisioneronline.com/javascripts/app/ 2 KB
1 KB 112ms
112ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/sponsored-content-help.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

52aba7c806ca9e6af714856641bf87ebb2a715ef06200f6fb94085546320a8e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 646
X-Cache: HIT
Connection: keep-alive
Content-Length: 675
Last-Modified: Thu, 23 Dec 2021 20:08:21 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d735-780"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK scrolldepth.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 5 KB
2 KB 110ms
110ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/scrolldepth.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

92f49b0d4868cbc9ad9769e58296ce27cf4d6dc10273937262005a9b8cf5cd27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 646
X-Cache: HIT
Connection: keep-alive
Content-Length: 1911
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-142c"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK olytics-dfp.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 81 KB
23 KB 174ms
174ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/olytics-dfp.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

13585d9b686ac703e4b5298cb55720b110224b90b0fa7b9ad6660baf3a04345c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 649
X-Cache: HIT
Connection: keep-alive
Content-Length: 23216
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-145cb"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK dfp-ads.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 77 KB
22 KB 99ms
98ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/dfp-ads.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

4dfe38d20e93f37d8121aaaa0da88b999d73a5dcdcf74254b62403a2b9274918

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Age: 646
X-Cache: HIT
Connection: keep-alive
Content-Length: 21700
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-1354e"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK modify-dfp-targeting.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 4 KB
2 KB 102ms
101ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/modify-dfp-targeting.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

42439fb5d5c40792e8ae5f3264cadfbba2b7272af95cf1297e51082bca8cf995

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 649
X-Cache: HIT
Connection: keep-alive
Content-Length: 1700
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-f8c"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK main.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 115 KB
34 KB 98ms
97ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/main.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

abc7cb6ac4a9ab3a18482fc3821ab7dee10cdd93e03d580d39ac4ae4b33d0581

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 514
X-Cache: HIT
Connection: keep-alive
Content-Length: 34731
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-1cc5e"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-cookie.js Show response
www.provisioneronline.com/javascripts/ 2 KB
1 KB 102ms
102ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/jquery-cookie.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

fe109b9d05e617669a7d867b3e7c757f909f32afaf06355ab838e60773c71cf6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 514
X-Cache: HIT
Connection: keep-alive
Content-Length: 858
Last-Modified: Tue, 28 Dec 2021 07:10:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab864-88e"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK selectize.min.js Show response
www.provisioneronline.com/javascripts/vendor/ 41 KB
14 KB 97ms
96ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/vendor/selectize.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

0d63b07cee205cb37fa26cd0768764c2207c1e8eb9a2f194df10f303192f665f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 649
X-Cache: HIT
Connection: keep-alive
Content-Length: 13760
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-a551"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK tabs.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 9 KB
4 KB 97ms
96ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/tabs.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

85c36ade746d4ec3cc18bd39fda1fda0637b54b553a45e47959e379570e403c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 649
X-Cache: HIT
Connection: keep-alive
Content-Length: 3434
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-24e4"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK brightcove-video-list.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 62 KB
18 KB 202ms
202ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/brightcove-video-list.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

4838c88697aee0314d57578fe3e04e9574c7a155e251c86b4eb29769a426eb70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 649
X-Cache: HIT
Connection: keep-alive
Content-Length: 17533
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-f6ab"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 hbw_master_302826_5912.js Show response
player.hbmp.mediafuse.com/prebidlink/455800/ 117 KB
36 KB 33ms
10ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Requested by: Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/455800/wrapper_hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c564d7b225eecedf4515167f96e30432697521612e2e36a1be097704518a335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 19:09:41 GMT
server: nginx
etag: W/"61ccb275-1d50c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 30 Dec 2021 17:51:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 77ms
28ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1086 / 96 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 16:51:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRZMVCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6645
date: Thu, 30 Dec 2021 15:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Dec 2021 17:01:06 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 29 KB
13 KB 315ms
35ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?3011
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f80cae32da47e2c578cba58af55bacb379adabebb37f89e1ca67585863dfc72e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 717ms
114ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRZMVCV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 27 Aug 2021 04:05:28 GMT
Server: Apache
ETag: W/"28820-1630037128000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Dec 2021 22:51:52 GMT

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 272 KB
74 KB 715ms
118ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

95231dced2d23b7c6197e130f3c1277d91bfe7269ee318f7072bbd8dace032c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 19:22:02 GMT
Server: Apache
ETag: W/"278991-1637263322000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Dec 2021 22:51:52 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 10ms
10ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 30 Dec 2021 16:51:51 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 hb_302826_5912.js Show response
player.hbmp.mediafuse.com/prebidlink/ex18992/ 413 KB
124 KB 112ms
111ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: f72030b4276305d37e8c7d8d99f972ecee304f5a3d01fe3e47ca50a13d81cd95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
last-modified: Fri, 24 Dec 2021 11:12:40 GMT
server: nginx
etag: W/"61c5ab28-6730b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 30 Dec 2021 17:51:51 GMT

GET
H/1.1 200
OK / Show response
ghb.hbmp.mediafuse.com/geo/ 133 B
394 B 667ms
163ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/geo/
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: aeb8077f4898ef4d2b4b900ebc67d500684862e16971e9094db44353adaaa34d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.provisioneronline.com
Date: Thu, 30 Dec 2021 16:51:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 133
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.hbmp.mediafuse.com/adunit/ 43 B
430 B 665ms
162ms XHR
image/gif 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=302826&site_id=5912&full_page_url=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&adid=t7froh.9h&features=0&vpbv=N040&lifecycle_tte=2024
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.provisioneronline.com
Date: Thu, 30 Dec 2021 16:51:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/ Frame 3C6D 448 B
817 B 80ms
44ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/

Requested by

Host: 5120040.fls.doubleclick.net
URL: https://5120040.fls.doubleclick.net/activityi;dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a6cbe914124dc56487ffdf4bcd4d0bc22104c7ff36efb2937aaff3f2648b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5120040.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Dec 2021 16:51:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1603887123&t=pageview&_s=1&dl=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&ul=en-us&de=UTF-8&dt=%7C%20The%20National%20Provisioner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=2082506872&gjid=1571458299&cid=1203073193.1640883111&tid=UA-2806739-19&_gid=298285908.1640883111&_r=1&gtm=2wgc10PRZMVCV&cd5=default&cd12=0&cd13=0&cd14=&cd16=0%2C0&cd18=0&cd19=&cd20=&z=794725775

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 37ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 16:51:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 88 B
108 B 35ms
17ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.provisioneronline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a49855a3e1e2f392d8309e4a4aa4676441a74487540d180ba512c8e9dd4e808a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Thu, 30 Dec 2021 16:51:51 GMT

GET
H/1.1 200
OK jquery.mmenu.min.js Show response
www.provisioneronline.com/javascripts/vendor/ 11 KB
4 KB 102ms
101ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/vendor/jquery.mmenu.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

5aea0d1d89aba77c45ee34479a9668ca395cf3c10855b71ab6cfe9ec513901bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 462
X-Cache: HIT
Connection: keep-alive
Content-Length: 3645
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-2bca"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK headroom.min.js Show response
www.provisioneronline.com/javascripts/vendor/ 4 KB
2 KB 92ms
91ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/vendor/headroom.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

402459ba2ba22075416d1aa09518df58ab0138095ff2d304ada984264a9d4bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 646
X-Cache: HIT
Connection: keep-alive
Content-Length: 1399
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-f1b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK enquire.min.js Show response
www.provisioneronline.com/javascripts/vendor/ 2 KB
2 KB 93ms
93ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/vendor/enquire.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 643
X-Cache: HIT
Connection: keep-alive
Content-Length: 1006
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-8ce"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK modernizr.csstransitions.js Show response
www.provisioneronline.com/javascripts/vendor/ 2 KB
2 KB 101ms
101ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/vendor/modernizr.csstransitions.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

4dd2c080c446c1f37ccd43a687fb824c9a53a5fac513e9c1703be1a279920863

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 647
X-Cache: HIT
Connection: keep-alive
Content-Length: 996
Last-Modified: Thu, 23 Dec 2021 20:08:21 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d735-7d9"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 1FBF 70 B
260 B 30ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=h83y0ff&ct=0:v79hgpl&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/h83y0ff/v79hgpl/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 33ms
33ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=67120&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&pv=1640883111496_1315djarv&bl=en-us&cb=3890194&return=&ht=&d=&dc=&si=1640883111496_1315djarv&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?3011
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK logger.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 55 KB
18 KB 101ms
101ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/logger.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

9c9ac3998a17e6e97f9e560c809127c65d745f10d90548a62440625fc91c2e7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 463
X-Cache: HIT
Connection: keep-alive
Content-Length: 18111
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-da01"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H3

200

/ Show response
5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/ Frame CDEA
Redirect Chain

https://adservice.google.co.uk/ddm/fls/i/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/
https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/

326 B
293 B

19ms
19ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

37a17b75411c369ce20779ecaa7af3fbe35892270a76066646d4a59177a93b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Dec 2021 16:51:52 GMT
expires: Thu, 30 Dec 2021 16:51:52 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Dec 2021 16:51:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK jquery.mmenu.fixedelements.min.js Show response
www.provisioneronline.com/javascripts/vendor/ 682 B
928 B 92ms
92ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/vendor/jquery.mmenu.fixedelements.min.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

31d7a86266ba3fbaea29718b1261abcd93ef1e56faeb5d4069f94e9e90dc9cda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 635
X-Cache: HIT
Connection: keep-alive
Content-Length: 375
Last-Modified: Thu, 23 Dec 2021 20:08:22 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61c4d736-2aa"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame CDEA 70 B
260 B 35ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=h83y0ff&ct=0:4zgfrup7&fmt=3
Requested by: Host: 5120040.fls.doubleclick.net
URL: https://5120040.fls.doubleclick.net/ddm/fls/r/dc_pre=CJrH9ff9i_UCFdIYGwodMW8GBQ;src=5120040;type=ip1590;cat=provi0;ord=5547053050545.474;~oref=https://www.provisioneronline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5120040.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 789514826001 Show response
edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/ 21 KB
21 KB 8ms
8ms XHR
application/json 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/789514826001?limit=4&json
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/jade.default.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a75c8c3ad4d4eb6f9b30bdb7c0f4da360a0fe4f5f5e2b2d970c82dfd2b02c98a

Request headers

Accept: application/json;pk=BCpkADawqM1CSLkNMXl4noZnUFKfkqq30qsaWUzd5MZ8UFUmwKL7KzrYLM-Z9C_5OJG351h5c1ZBtJFULAf6Jp_hmftcuqTx93AFdiL1lNh6YaeVgKAS5unUTZ0
Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
powered-from: eu-central-1b
bcov-request-id: 1ec14bc7-32d0-4164-b706-fe36124b55fe
age: 94
policy-key-accountid: 599585967001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 21113
x-served-by: cache-fra19147-FRA
bcov-instance: unknown
policy-key-raw: BCpkADawqM1CSLkNMXl4noZnUFKfkqq30qsaWUzd5MZ8UFUmwKL7KzrYLM-Z9C_5OJG351h5c1ZBtJFULAf6Jp_hmftcuqTx93AFdiL1lNh6YaeVgKAS5unUTZ0
x-timer: S1640883112.360620,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

OPTIONS
H2 200 789514826001
edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/ Frame 0
0 39ms
6ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/599585967001/playlists/789514826001?limit=4&json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.provisioneronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 30 Dec 2021 16:51:52 GMT
via: 1.1 varnish
x-served-by: cache-fra19147-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1640883112.353570,VS0,VE0
bcov-debug-cache-stats: unknown
bcov-instance: unknown
x-amz-cf-id: unknown
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK 6.6.bundle.js Show response
www.provisioneronline.com/javascripts/app/bundle/ 539 B
925 B 92ms
91ms Script
application/javascript 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provisioneronline.com/javascripts/app/bundle/6.6.bundle.js

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/javascripts/app/bundle/main.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

86b7ac16d2e3e59db7bb6c162070c811650d876c47d2d0b1c8760a8d03f51637

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Age: 462
X-Cache: HIT
Connection: keep-alive
Content-Length: 372
Last-Modified: Tue, 28 Dec 2021 07:12:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"61cab8d9-21b"
Vary: Accept-Encoding, User-Agent
Allow-Ranges: bytes
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK video-play.png
www.provisioneronline.com/images/video/ 5 KB
5 KB 101ms
101ms Image
image/png 208.91.60.110
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provisioneronline.com/images/video/video-play.png

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/stylesheets/application-v2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.91.60.110 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

provisioneronline.com

Software

nginx /

Resource Hash

a041651fc88210ebdd9d35c3edc954ac0137b4ed6217c3eef15a4d86785ffe7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/stylesheets/application-v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Via: 1.1 varnish
Age: 632
X-Cache: HIT
Connection: keep-alive
Content-Length: 4792
Last-Modified: Thu, 23 Dec 2021 20:08:21 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "61c4d735-12b8"
Vary: User-Agent
Allow-Ranges: bytes
Content-Type: image/png
Cache-Control: must-revalidate, public, max-age=900
Content-Security-Policy: frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Accept-Ranges: bytes

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/dad60fae-0271-4b55-9f36-b1a6e4793e0b/3e481734-cb20-415c-9453-7cb65717a572/360x203/match/ 20 KB
20 KB 47ms
8ms Image
image/jpeg 52.222.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/dad60fae-0271-4b55-9f36-b1a6e4793e0b/3e481734-cb20-415c-9453-7cb65717a572/360x203/match/image.jpg
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-248-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 2eed9751662f1cb57ca5e823e9157f12e75787e495480476490a4333ac4a88a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 19:37:35 GMT
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 767657
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: -6YNc7q3Cl_5OhEK2NVY2NwiL970tmexfWLQoaEDSyZKgV-db-_--Q==
Expires: Wed, 21 Dec 2022 19:37:35 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/ebd845af-9187-422b-ba59-c72246a1672a/e51b29d1-7efe-43ca-9ac7-176232e389c7/360x203/match/ 21 KB
22 KB 48ms
10ms Image
image/jpeg 52.222.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/ebd845af-9187-422b-ba59-c72246a1672a/e51b29d1-7efe-43ca-9ac7-176232e389c7/360x203/match/image.jpg
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-248-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 05c5f88de5ccad1d34cc9d097f33169c9277fa57e2a3d3565eb45812824221de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 18:54:02 GMT
Via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 770270
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: UnppG-LT0lhPtgSJZh60aP_jn9bF3uxGgNuBCQ8mCHrQz6zGGl3I2A==
Expires: Wed, 21 Dec 2022 18:54:02 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/91f297d0-e43e-4fe3-b46b-595061a68cf5/28ce92c0-e1c0-47d2-a36d-4e01fac0a53f/360x203/match/ 24 KB
25 KB 49ms
11ms Image
image/jpeg 52.222.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/91f297d0-e43e-4fe3-b46b-595061a68cf5/28ce92c0-e1c0-47d2-a36d-4e01fac0a53f/360x203/match/image.jpg
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-248-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 1d9c7ee9d5dd7bd52dd28f20bc81fe2a35d1aee66da04a1841c62cbbe98aa4e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 19:52:53 GMT
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 3704339
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: sQr3h91K7uJ49uthbdZVr3wHBgvNFUBOiQrPJkj7Q3r363ogUc6cxw==
Expires: Thu, 17 Nov 2022 19:52:53 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/93246552-9482-4e56-a012-b4ea1b10b60a/32a4c618-2282-4735-b49a-1197c0c252ec/360x203/match/ 21 KB
21 KB 47ms
9ms Image
image/jpeg 52.222.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/599585967001/93246552-9482-4e56-a012-b4ea1b10b60a/32a4c618-2282-4735-b49a-1197c0c252ec/360x203/match/image.jpg
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-248-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 86aca2ffe90ade1ddb95f8810d08512c7d4988fc0f9b71d90413d3e6b65083bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 17:20:35 GMT
Via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 6823877
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: zbFKATeMUec_gwn2npXn0MpY83uZxv7Y-qB65vkQBNriR9IYKixCfQ==
Expires: Wed, 12 Oct 2022 17:20:35 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.hbmp.mediafuse.com/ 651 B
642 B 162ms
162ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/csyncs?aid1=484156&aid2=484158&aid3=605039&aid4=undefined
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1b8cd44b37e8b4fea76da35db8fe26a674224576a0881fe633d5cd29b74ec6e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:52 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.provisioneronline.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 342

GET
H2 200 170 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 505ms
173ms Script
application/javascript 35.160.232.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/170
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.232.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-232-188.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e8115359f2577b11363670164ce425c7a4318af8f122a9efc2e2dad99fa61be5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
server: nginx/1.18.0
content-length: 3378
content-type: application/javascript

GET
H2 200 init-1016mnvd6jvjr44ajs9g.js Show response
api.fouanalytics.com/api/ 477 B
969 B 272ms
243ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1016mnvd6jvjr44ajs9g.js
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19587da7614b9cec456eb138be25ebb246cf85a3ef1537f38f2c3f3f8477b558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1UpFRCExHcB5crQ9b1FOobqog1w1B46EU9F2gAAkP9d4p4RxE8NwU6wlNR8liwe0ISGI6Az2VpYUoMtiqCEZ95IDlVzml3ueWvjzhFJUOvCI6V08VTDB%2Bybucu%2F%2BR6fZh4yuCEHrQ4HslBCxhhfUJpKSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6c5cc67cd98c6943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: 0

GET

csync
sync.adtelligent.com/ Frame 8D76
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ea995a08-c3ff-4611-90d6-6334ea27d141

0
0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 151ms
54ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:52 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 110
x-xss-protection: 1; mode=block
expires: -1

GET csync
sync.adtelligent.com/ 0
0

GET
H2 200 pp.js Show response
api-34-221-205-23.b2c.com/s/ 13 KB
5 KB 45ms
18ms Script
text/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-221-205-23.b2c.com/s/pp.js
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822e2805bc659f7831dacca84ce653e94dfa471f11d65213b9a997dffe1dbd4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 19:56:18 GMT
server: cloudflare
age: 6365
etag: W/"61b7a562-331a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRyk30ttowIJD1vaKTd48bPcijvZOPy2d4Go1sjTY%2BLN05CunLkv06c%2F%2BF5fTmIRXKBAXggrFEpwyzDBlk6V7XrM8mLPAJIQ9qeYwPRz42CQvXQOJvHXIqADh%2FxcwoUTk8xzpFS4vhyefrdmgaz2s3AVyhkVo5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5cc67e9e7c4de8-FRA

GET
H2 200 ad.gif
api-34-221-205-23.b2c.com/s/ 43 B
384 B 20ms
20ms Image
image/gif 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-221-205-23.b2c.com/s/ad.gif
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 19:56:18 GMT
server: cloudflare
age: 6364
etag: "61b7a562-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2zPO1UTPPfxxrae%2BX%2FuZw1udz1hgAFeFcIoo7WKjJJp915S50%2Fd%2Bzrq5bnY%2FwRyafwBbsozWb1Hnf2U0PtL2U8ledgIyTbVwepiQ8DubVkX14hDyfUDmYNH%2FDRmnSghr7HCSuqMIhi6C6xiBkPWsWqM%2FRoP9%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c5cc67f0f924de8-FRA
content-length: 43

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 578ms
113ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.provisioneronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Thu, 30 Dec 2021 16:51:53 GMT
Server: Apache

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 62ms
35ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 16063294501619000598
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 30 Dec 2021 16:51:52 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 121ms
120ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 42ms
14ms Fetch
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1086 / 740 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 16:51:52 GMT

GET
H/1.1 200 1ac8a596-418c-440c-9ead-866e7821ac6d Show response
olytics.omeda.com/olytics/segments/o/aaadca81559b40a38634843651d8dc75/c/null/a/ 25 B
337 B 734ms
124ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/o/aaadca81559b40a38634843651d8dc75/c/null/a/1ac8a596-418c-440c-9ead-866e7821ac6d

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

fc1d6e177f0a93623a64d3db5c13f5aba3b47a22dfac2a92daf9b2b9b574aed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Cnection: close
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 498ms
164ms Script
application/javascript 52.36.211.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.211.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-211-235.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 22:40:30 GMT
server: nginx/1.18.0
etag: W/"1640126430.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 31 Dec 2021 04:51:53 GMT

GET
H2 200 170 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 498ms
167ms Script
application/javascript 44.239.49.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/170
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.49.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-49-94.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: c52f4548a2ef16dbac9976d779e9888ac5e7c92f2b50048674db1fad626beee4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 22:38:04 GMT
server: nginx/1.18.0
etag: W/"1640126284.0-25898-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 31 Dec 2021 04:51:53 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&adnxs_id=1123660468915283092

43 B
564 B

608ms
314ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&adnxs_id=1123660468915283092
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:52 GMT
X-Proxy-Origin: 91.239.130.52; 91.239.130.52; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c374680c-d3dd-4ca7-b410-60abe1772c1d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&adnxs_id=1123660468915283092
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=8501595a-a0f4-45db-b44b-6b8d917f7263
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=8501595a-a0f4-45db-b44b-6b8d917f7263
https://ids.ad.gt/api/v1/t_match?tdid=323fb64c-037e-4225-8d05-5085901d4103&id=8501595a-a0f4-45db-b44b-6b8d917f7263

43 B
569 B

577ms
315ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=323fb64c-037e-4225-8d05-5085901d4103&id=8501595a-a0f4-45db-b44b-6b8d917f7263
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=323fb64c-037e-4225-8d05-5085901d4103&id=8501595a-a0f4-45db-b44b-6b8d917f7263
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D8501595a-a0f4-45db-b44b-6b8d917f7263
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D8501595a-a0f4-45db-b44b-6b8d917f7263
https://ids.ad.gt/api/v1/pbm_match?pbm=6790B737-1A09-4C19-99D6-0EA5608090FA&id=8501595a-a0f4-45db-b44b-6b8d917f7263

43 B
571 B

548ms
314ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=6790B737-1A09-4C19-99D6-0EA5608090FA&id=8501595a-a0f4-45db-b44b-6b8d917f7263
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=6790B737-1A09-4C19-99D6-0EA5608090FA&id=8501595a-a0f4-45db-b44b-6b8d917f7263
date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=8501595a-a0f4-45db-b44b-6b8d917f7263
https://ids.ad.gt/api/v1/g_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&google_gid=CAESEPMPFBqFk5xj-g2ojwfAzhE&google_cver=1&google_ula=450542624,0

43 B
572 B

453ms
174ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&google_gid=CAESEPMPFBqFk5xj-g2ojwfAzhE&google_cver=1&google_ula=450542624,0
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&google_gid=CAESEPMPFBqFk5xj-g2ojwfAzhE&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=8501595a-a0f4-45db-b44b-6b8d917f7263
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ODUwMTU5NWEtYTBmNC00NWRiLWI0NGItNmI4ZDkxN2Y3MjYz

170 B
188 B

31ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ODUwMTU5NWEtYTBmNC00NWRiLWI0NGItNmI4ZDkxN2Y3MjYz

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ODUwMTU5NWEtYTBmNC00NWRiLWI0NGItNmI4ZDkxN2Y3MjYz
date: Thu, 30 Dec 2021 16:51:53 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26sas_uid%3D%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&sas_uid=[sas_uid]&cklb=1

0
75 B

17ms
16ms

Image
text/plain

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&sas_uid=[sas_uid]&cklb=1
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:52 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&sas_uid=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 30 Dec 2021 16:51:52 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&impr_uid=6bbaa3dd-945f-4643-8f54-5c236fd4e320

43 B
484 B

356ms
177ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&impr_uid=6bbaa3dd-945f-4643-8f54-5c236fd4e320
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&impr_uid=6bbaa3dd-945f-4643-8f54-5c236fd4e320
date: Thu, 30 Dec 2021 16:51:53 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26unruly_id%3D%5BRX_UUID%5D&cb=1640883112982
https://sync.targeting.unrulymedia.com/csync/RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3D8501595a-a0f4-45db-b44b-6b8d917f7263%26unruly_id%3D...
https://ids.ad.gt/api/v1/unruly?id=8501595a-a0f4-45db-b44b-6b8d917f7263&unruly_id=RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003

43 B
489 B

395ms
180ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=8501595a-a0f4-45db-b44b-6b8d917f7263&unruly_id=RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/unruly?id=8501595a-a0f4-45db-b44b-6b8d917f7263&unruly_id=RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003
date: Thu, 30 Dec 2021 16:51:53 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXd70e9d07a91c47ca8a23bad1412440bd003
content-type: text/html

GET
H/1.1

200
OK

4 Show response
v4-api-34-221-205-23.b2c.com/api/
Redirect Chain

https://api-34-221-205-23.b2c.com/api/x?pMKRMCvTRUwz3bMo$dXJsJDAkaHR0cHM6Ly93d3cucHJvdmlzaW9uZXJvbmxpbmUuY29tL2dkcHItcG9saWN5P3VybD1odHRwcyUzQSUyRiUyRnd3dy5wcm92aXNpb25lcm9ubGluZS5jb20lMkZhcnRpY2xl...
https://v4-api-34-221-205-23.b2c.com:444/api/4?pMKRMCvTRUwz3bMo

0
141 B

490ms
159ms

XHR
text/plain

34.221.205.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-34-221-205-23.b2c.com:444/api/4?pMKRMCvTRUwz3bMo
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: HTTP/1.1
Server: 34.221.205.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-221-205-23.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-34-221-205-23.b2c.com:444/api/4?pMKRMCvTRUwz3bMo
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf9veh94l8Sb65PA85tqYMHTnDVeW0tdd%2FmJy1BizzdqMrVbCliWijGfk40yPa6NMN5hzHoXUPwMtOTZ%2FH6K6d45LrN2eLFl1VkJwUNjRpr2fTCPbjOcFBZ0%2BbXVagB8KRisrcfeZ7HN3jEMsXBSWv7fp9gxnCY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6c5cc6809f1adfd3-FRA

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 538ms
177ms Script
text/plain 35.83.144.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=92b64c568dcfde7b2edf59e10ede6725&url=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.144.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-144-163.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Dec 2021 16:51:53 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 15:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Dec 2021 16:56:37 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Dec 2021 17:14:31 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
305 B 36ms
16ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201ytsvzn07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D8501595a-a0f4-45db-b44b-6b8d917f7263
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
652 B 179ms
177ms Image
image/gif 52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=8501595a-a0f4-45db-b44b-6b8d917f7263&halo_id=0201ytsvzn07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 31 Dec 2021 04:51:53 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279934/ 9 KB
4 KB 33ms
6ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c62e8fc8b90589464c87e7a21ef01311e75276c4f30791db96c4ce5d2dfb9c29

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 12:01:04 GMT
server: nginx
etag: W/"61cd9f80-2202"
content-type: application/json
access-control-allow-origin: https://www.provisioneronline.com
expires: Thu, 30 Dec 2021 17:51:53 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK vr Show response
ghb.hbmp.mediafuse.com/ 40 B
300 B 163ms
162ms XHR
application/json 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/vr?bids=14046
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1ddd0013e8209e0d55da94e5dcc69ffdd450a17b2099554a0963748c70cccf6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.provisioneronline.com
Date: Thu, 30 Dec 2021 16:51:53 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 40
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 633 B
1 KB 187ms
172ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bf43b01abb2f72067aad11191c7d45eddd1e38353c205e3e281b6df15f730b69

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 30 Dec 2021 16:51:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.130.52; 91.239.130.52; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d12b961f-1351-433b-ba06-702521e45884
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.provisioneronline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
226 B 54ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=15925766550

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:53 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
372 B 74ms
23ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
515 B 37ms
15ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.provisioneronline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 136 B
785 B 92ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22286ec308597286a%22%3A%2206ac434a18c35669aa72%7C970x90%2C728x90%2C970x250%7Cgpid%3D%2F52040140%2Fnp%2Fweb%2Fsubpage%2Fleaderboard%22%2C%2229bdbb381bb613%22%3A%2206ac434a18c35669aa72%7C160x600%2C300x600%7Cgpid%3D%2F52040140%2Fnp%2Fweb%2Fsubpage%2Fsidebar-sky%22%2C%2230e1d0406550336%22%3A%2206ac434a18c35669aa72%7C300x250%7Cgpid%3D%2F52040140%2Fnp%2Fweb%2Fsubpage%2Fsidebar-mrect%22%7D&ref=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&s=886818ba-dbd2-4e2e-96d4-b66a79b3120d&pv=c3d24a27-cb10-40c2-9019-28d1fdd66a68&vp=desktop&lib_name=prebid&lib_v=5.20.0&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediafuse.com%22%2C%22sid%22%3A%2252%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%225ef97d69-a768-4e05-aa58-fe376ca1fe99%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225ef97d69-a768-4e05-aa58-fe376ca1fe99%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a685198692b5831e5dd26c0d6c195faafd747e3e2e0f13916f7e1c1aa7decdf9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:53 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.provisioneronline.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 161
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
187 B 446ms
152ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:54 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
831 B 101ms
79ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO2I9ST
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fcd8b7317a89948578e5ee92d802852cd96dd15c9ff99e82e1ed85965eae5973

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 361 B
459 B 860ms
492ms XHR
application/json 209.58.165.102
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.165.102 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 7bfafb0c7307e804937b3d77b5f75ce413e172cfdc046fd9e1e0a60463924299

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.provisioneronline.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 159

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
921 B 390ms
297ms XHR
application/json 88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST auction
rtb.adxpremium.services/openrtb2/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
862 B 58ms
44ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:53 GMT
X-Proxy-Origin: 91.239.130.52; 91.239.130.52; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: feaa8150-a2b8-482b-9b7c-73af67d0782f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.provisioneronline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
354 B 388ms
196ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 103
vary: origin, Accept-Encoding

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
193 B 326ms
98ms XHR
text/plain 198.148.27.133
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-no-bid-reason: Passback by decision
date: Thu, 30 Dec 2021 16:51:54 GMT
server: envoy

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 4 KB
3 KB 114ms
72ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.20.0
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: f56a475840f40cfab7dc460c82631d7aed76f5a5a4945c31bf05b4f8a0543872

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.provisioneronline.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 2466

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
1 KB 227ms
153ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=5ef97d69-a768-4e05-aa58-fe376ca1fe99%5E1&rf=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&tk_flint=pbjs_lite_v5.20.0&x_source.tid=fb18e0b4-0a5b-4b87-b0f0-259e61710cc6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4043253486652463
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 766641214ce6aaa774462a6d9ad4a51a8b9faaa8f21ec6f70fbf8c246d3fee31

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.provisioneronline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 256 B
1 KB 159ms
85ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=9&alt_size_ids=10&eid_pubcid.org=5ef97d69-a768-4e05-aa58-fe376ca1fe99%5E1&rf=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&tk_flint=pbjs_lite_v5.20.0&x_source.tid=6ed0632b-90bf-4c84-9005-cdf195403dcf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1950738090427806
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8c3248d574d9eefb4acbe4410019b8c860754f63845f7ec5f25f083c22337897

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.provisioneronline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 256
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 237 B
1 KB 161ms
81ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=5ef97d69-a768-4e05-aa58-fe376ca1fe99%5E1&rf=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&tk_flint=pbjs_lite_v5.20.0&x_source.tid=30f1447a-bb85-43c9-a64a-eb538765b1e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.522717812857936
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: efbff741bcf13d2a00b87975768393bfdba8e66a5c4d93d02ad8cb2166ab5575

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 16:51:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.provisioneronline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 237
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
67 B 239ms
184ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/86044/0/ 0
181 B 1060ms
18ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/86044/0/mvo?z=1r&hbv=5.20,2.1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
pragma: no-cache
date: Thu, 30 Dec 2021 16:51:54 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
123 B 92ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
212 B 28ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fb18e0b4-0a5b-4b87-b0f0-259e61710cc6%2C6ed0632b-90bf-4c84-9005-cdf195403dcf%2C30f1447a-bb85-43c9-a64a-eb538765b1e3&nocache=1640883113310&pubcid=5ef97d69-a768-4e05-aa58-fe376ca1fe99&schain=1.0%2C1!adtelligent.com%2C302826%2C1%2C%2C%2C&aus=970x90%2C728x90%2C970x250%7C160x600%2C300x600%7C300x250&divids=div-gpt-ad-leaderboard%2Cdiv-gpt-ad-sidebar-sky%2Cdiv-gpt-ad-sidebar-mrect&aucs=%2C%2C&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e3b1ecb2f7d6285b7b049695ad138dfe7e80e92b803df57dfb8cf23f847f629

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.provisioneronline.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 1 KB
666 B 85ms
19ms XHR
application/json 185.239.173.210
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 7d26b25e0f034d34f32e5cea9f3d236b5736371928247bbf99b0512caf8a906f

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.provisioneronline.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 366

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
120 B 42ms
12ms XHR
text/plain 3.124.208.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.208.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-208-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
120 B 41ms
11ms XHR
text/plain 3.124.208.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.208.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-208-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
120 B 40ms
10ms XHR
text/plain 3.124.208.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.208.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-208-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
121 B 39ms
10ms XHR
text/plain 3.124.208.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.208.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-208-111.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.provisioneronline.com
date: Thu, 30 Dec 2021 16:51:53 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/www.provisioneronline.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.provisioneronline.com/ROS?rnd=0.894444312828891&e=728x90_0%3A728x90%2C970x250%2C970x90%2B300x600_0%3A300x600%2C160x600%2B300x250_0%3A300x250&ur=https%...
https://pbjs.e-planning.net/hb/1/2e43c/1/www.provisioneronline.com/ROS?ct=1&r=pbjs&rnd=0.894444312828891&e=728x90_0%3A728x90%2C970x250%2C970x90%2B300x600_0%3A300x600%2C160x600%2B300x250_0%3A300x250...

98 B
519 B

18ms
17ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/www.provisioneronline.com/ROS?ct=1&r=pbjs&rnd=0.894444312828891&e=728x90_0%3A728x90%2C970x250%2C970x90%2B300x600_0%3A300x600%2C160x600%2B300x250_0%3A300x250&ur=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&pbv=5.20.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&e_pubcid=5ef97d69-a768-4e05-aa58-fe376ca1fe99
Requested by: Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: a4cdf2582e6513d95dd7ff39e384b80f9752e67aa08da6f03498d5090f79c2d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.provisioneronline.com
expires: Thu, 30 Dec 2021 16:51:54 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 98
x-sid: AMS-742

Redirect headers

date: Thu, 30 Dec 2021 16:51:53 GMT
server: openresty
access-control-allow-origin: https://www.provisioneronline.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/www.provisioneronline.com/ROS?ct=1&r=pbjs&rnd=0.894444312828891&e=728x90_0%3A728x90%2C970x250%2C970x90%2B300x600_0%3A300x600%2C160x600%2B300x250_0%3A300x250&ur=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&pbv=5.20.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&e_pubcid=5ef97d69-a768-4e05-aa58-fe376ca1fe99
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-742

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 144ms
100ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9690b0017b7beecec1efce74be0064&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 231853441ef9d4c570e2f23935d1f6bf367f96b06cfae02ed4f691dc6e8fea49

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 246ms
203ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9695b0017b7beed30eefcf2566004b&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ae4750813a6c6e724d91c2f040a821de051d02b1cb0991ce98b2618b5bb97857

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 139ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a969cde017b7beecb1befcfc2ad005c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: fc267bbdefeb6314d38a7f35469a23a283172fed12751edd1f7aa1ec89b57d57

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 132ms
89ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9695b0017b7beed30eefd0673f004c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 24324a567345cd1438b4b90bb64069b5789f62a16c395d67bd3a27fa433f8175

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 130ms
88ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9690b0017b7beecec1efd150bb0065&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7f33ff5b5ca83ed5b4c3f9c72bb22ea7240e5c5f95b2a7efd3015d9aae9a02b9

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 125ms
85ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9690b0017b7beecec1efce74be0064&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 089092de0db62c119be0294a75c8ade991e7a825653b2a8616390cade831db3d

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 170ms
130ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9695b0017b7beed30eefcf2566004b&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a79922bb5003593671ee000c4d24eaace7c6240c251780bf10764e48f30fc956

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
71ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a969cde017b7beecb1befcfc2ad005c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 0f7e66e67fa16d1d076cd9e5e705272072e2b0b8638be73f51c2227f9146cda6

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
94 B 177ms
138ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9695b0017b7beed30eefd0673f004c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: db6857412d1e9002a96ea53bd98f437c5984064b9ee7b675527bc15fd01a1fb8

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 149ms
111ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9690b0017b7beecec1efd150bb0065&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 263350c832a4c7269ab372c9e2a7a4da4317122c81d10f5132109ff8df18a6f2

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 121ms
83ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9690b0017b7beecec1efce74be0064&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ccb8a4caed1d6b17fb6722a8ae16bd32cb4db2e84080de1b2ccd782e203c9902

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 151ms
113ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9695b0017b7beed30eefcf2566004b&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 578c4b6de5681d77a250b48ff4fccdaf3e26a0e25ffe128d9b74dcd8ad76f86f

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
299 B 104ms
66ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a969cde017b7beecb1befcfc2ad005c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d8319da63e5ed870e632d86e5be6be84494190c5f792affa60973f5d1c0a4e22

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 133ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9695b0017b7beed30eefd0673f004c&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9b76d25cbe04082a98d5e09a7a7e026562e3b5a6add9842ff60f247779df62c4

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 147ms
110ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695b0017b7beed30eefccc9590049&pos=8a9690b0017b7beecec1efd150bb0065&cmd=bid&secure=1
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: baa5544e4a78d73089cfe740e6fb9299be2c9f074f05dd0869200d45ffc19be9

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-credentials: true
content-length: 62

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 44ms
21ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.provisioneronline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.provisioneronline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 856 B
283 B 56ms
54ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867680896376492&correlator=3393607544168259&output=ldjh&impl=fifs&eid=31061690&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=52040140%2Cnp%2Cweb%2Csubpage%2Cslider%2Csidebar-mrect-mobile&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5&prev_iu_szs=1x1%2C1x1&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page_type%3Ddefault%26reg_user%3Dfalse%26page_name%3Dgdpr_policy%26subscribed_user%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1640883113&dt=1640883113347&dlt=1640883110259&idt=1158&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C1085&adys=-12245933%2C924&adks=2802270942%2C1140276116&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2697%7C300x1457&msz=0x0%7C300x51&ga_vid=1203073193.1640883111&ga_sid=1640883113&ga_hid=1603887123&ga_fc=true&fws=128%2C4&ohw=0%2C1600&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2bae099565c4a6ad638d8c9d13b13c9009bf2b2d2c78673850ce62c054cb1b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0CA8 6 KB
4 KB 71ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Dec 2021 16:51:54 GMT
expires: Fri, 30 Dec 2022 16:51:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 200 p
olytics.omeda.com/olytics/segments/ Frame 0
0 112ms
112ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.provisioneronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 30 Dec 2021 16:51:53 GMT
Server: Apache

OPTIONS
H/1.1 200 /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0 227ms
113ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/form/check/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.provisioneronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 30 Dec 2021 16:51:53 GMT
Server: Apache

POST
H/1.1 200 p Show response
olytics.omeda.com/olytics/segments/ 662 B
956 B 2185ms
1961ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

c04dea18ac2f1918647a17e059a4ba6d24e6c703337ba20da314d2f25a14a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Dec 2021 16:51:55 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
313 B 231ms
114ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 cswitch Show response
olytics.omeda.com/olytics/segments/ 143 B
436 B 158ms
135ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/cswitch

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

5dd4a310c777011e7c2825a78072bbbb3435c3d5a1b1b1da382dd413292dbdd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Dec 2021 16:51:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0 341ms
116ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/cswitch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.provisioneronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 30 Dec 2021 16:51:53 GMT
Server: Apache

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
21ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a14e7fbaccbf34d2e5b6c0e5d227b9d02439ffe171b831bedaa9b5c6a0ee3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8562
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 30 Dec 2021 16:51:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4900 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 30 Dec 2021 16:16:39 GMT
expires: Fri, 30 Dec 2022 16:16:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8D9B 783 B
1 KB 43ms
18ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2e7d66121f7f8e4e797fbaa8e8796106c3668cecc4d595588c198548a2525fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oW9MuC0Tav7wxxEW5iE7gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 30 Dec 2021 16:51:54 GMT
date: Thu, 30 Dec 2021 16:51:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oW9MuC0Tav7wxxEW5iE7gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4900 35 KB
13 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 20:49:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D9B 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2867680896376492&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2867680896376492&bg=!bW6lbirNAAZKWFskSlg7ACkAdvg8Wo5ERpn5DGRBwNKFYgaHT1FPULCLOW7WrmUygX0eHLqJ3Q-AVwIAAABZUgAAAAtoAQcKAHp9LZGy8QCaKewha0CmFhbQSyG0M_CVOt_ICBEsLjEA2ztbhRino27jS5gt_pkfSQtjVlJSzB6DjFH-jsKEpjJwZ7q21yAfKlGebHxvvXvC2revqbP48ecvm5fzyiq4azfG1F2TQr0Oz5qwzxjsxF4UpgHWK71ZNccdTZkCtLkvr6UyF8Go-rEHKmtpRCgtF8pYciXcbZwWyyIc8QckuEiDeMw8Vlzg56yo33fG1Vi8G2VmnPnGimfc3nrQ4SC2n54s7ylLaihFpNg-PSlZdkpj6YRgd10ERrcqGB42CpdkQPurAfXcMpAGL_iMNIKGrGTuoITMHAnh_kaXQEvNQHOW4PyMN1SdJUewBvgLzeGQyyLo0nnmp_iiKx5HemPj7n3FzYiyqp12QqUmkOT7fq8mywmBVUG8NtbLPRlQ8Uwpmd0QcH0mcQ4w0lnULX2DTiEywRUDbfQ1wuO_bzd0md6Plxc1ZrffmMZrd_p8eUz-uEoWEqux71xNWK5B0gNhR5WCQaw1vos4Fy4W4eZwKq2zo1ERWrHWcoohFxdvZp2UCrsmFX9CnXjjEAL6ISQUmbNQ9GbXt_3ibYArFxELo8w2yUIBE58MVP5t_hUdxd0br9zPdHUiVjsg0BZzLE7PfyXy4dRpw7EgQRX0DY_HNbgmsPEtelv1DvtszVNggvhDvQTguEak-OEa2snMQB5WmxIdWV6uibBKtQdXhDcsTAI1vmo1RRHR2MOI9BvV9PzHJb8XOtDHWxobVVde2za3n8ygo0dI9su3iXAxgS2FdiBgB_Jos4QfaRx3uUMkbhMwJALAK05bRgmLBxpqgGSy9IUjr7qELlGiCd9e_6cfoNSCqXOPVmjUhZ3dxeO6CCI3knUIuy58VgZMiL0VCkytxhljzdXfiWyeMUVJNRd4qv2llnVzWMtJWf_l2YGod84nLViFE_hb6AaNXXvw0jnqEpVGbLSN6KEIxg2HPSlXt7yoGQjvCNzPVCGBy6ZaPkxxhXxgEpaXKm5e-LS_1JQIQymAc3NKIcBd0wLqOq_neP2k09c9uOJyDSWvpN4OvAw3d37hC9PKEZrqpnAUNMZRpJ4a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.hbmp.mediafuse.com/adunit/ 0
216 B 219ms
218ms XHR
text/plain 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.provisioneronline.com
Date: Thu, 30 Dec 2021 16:51:54 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.provisioneronline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.provisioneronline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
14 KB 417ms
417ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2867680896376492&correlator=1259185029057739&output=ldjh&impl=fifs&eid=31061690&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=52040140%2Cnp%2Cweb%2Csubpage%2Cleaderboard%2Csidebar-sky%2Csidebar-mrect&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=970x90%7C728x90%7C970x250%2C160x600%7C300x600%2C300x250&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page_type%3Ddefault%26reg_user%3Dfalse%26page_name%3Dgdpr_policy%26subscribed_user%3Dfalse&cookie=ID%3D5670530dbf627aea%3AT%3D1640883113%3AS%3DALNI_Ma1gWNBaMXGzNNF1VV62ud-u7PRHw&bc=31&abxe=1&lmt=1640883114&dt=1640883114380&dlt=1640883110259&idt=1158&frm=20&biw=1600&bih=1200&oid=2&adxs=215%2C1085%2C1085&adys=286%2C326%2C873&adks=3457939613%2C2734714168%2C2905154957&ucis=3%7C4%7C5&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.provisioneronline.com%2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x0%7C300x1377%7C300x1377&msz=1170x0%7C300x1%7C300x1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1203073193.1640883111&ga_sid=1640883113&ga_hid=1603887123&ga_fc=true&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

dc4e8128d5dbcca0060bd28c7f17536b59d3262b43a28bc6b36472a784f030b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14755
x-xss-protection: 0
google-lineitem-id: 5846483166,5841364471,5853662084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351707047,138372341030,138374328596
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 750C 0
0 43ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwZAlL2FJeBaJqH3o9vKawdv0_th4L5oj5SdQ3XjBmUYAFaNfsWXxg1IIgW7zFIJnJAgvJxNAey99c5ZPyBS7iv_GVdGmozWvlkZvSt296nzwgyd4youN921YhR4-oQEr1uFAh8HQnHm7APG_f3ST9XYVErUHJq4OqzF70XqntKzTIiLOUY-krkjQE72kdL85yFU5x2eDUkjI6ClUbdfMsliPkhNaS2rdge0ZMQqtmYtm9sUEUgEF5sQcJh5gOxhEH_qcXsKZnIOrfizAgSEoAgCJFeJSSHGz40RFPmwVCyuYKoy8k3Zf_QJDZWtQqLfO8P_BJc4sJCIX3IA3t7k36&sig=Cg0ArKJSzOmsB5wUMH9tEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 750C 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 16:51:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 750C 119 KB
36 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Dec 2021 16:51:55 GMT

GET
H3 200 5749825614928323538
tpc.googlesyndication.com/simgad/ Frame 750C 194 KB
194 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5749825614928323538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64b866aa90f5bd3f37e362e535a25bb1a680841f7f4028539224486aa07fac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198232
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:54:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 16:51:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 433D 0
0 42ms
41ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZhy3R81_7uTGBT_Sodi7MOpYGRBP51Hp84KWEcoZhlfe5whcoR714S0tMo5NEyqYlsaxhfwZ4yBUQXhvQX0AsjJqHt7iygoLI32TsZ4cs-I5w_L2KAXRS3go1SEzgRzzvpEzPUG_iwj8uppWS8YI6qJeudnrES9ucyN8VJWwsDMnm8GFCOVwvav29Roc3nxLX7WlarbS0fjhB4-02Sjf14ixODS0pxfhEoR_J2Ucf9cheJnVBDFr9jphcE6YS1SM0Ge5Y7cwiPbQHTQEDw0xcwnbjUB3jSxk6xoHHAoBqxdpIv_WA_nRXvyQRlGWBiujSYtdOC0qKUW4jsvA04zbIQvHf91oC8M6NWuNJBOnRMxM&sig=Cg0ArKJSzESQ90mMcYKkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 433D 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 16:51:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 433D 119 KB
36 KB 37ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Dec 2021 16:51:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 433D 0
0 33ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9GkJz1usQpOXa6zj4mHyTKdI1p_fje9LlC_xtKJhQJ1rh4aqF-nJKRcKhjdcZC5jnR0iS
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 14444588463456629337
tpc.googlesyndication.com/simgad/ Frame 433D 28 KB
29 KB 8ms
7ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14444588463456629337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7822d2d595a676744660d12f3f24dfd7c83303f206d81991eed874d8b0bdb95e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:56:57 GMT
x-content-type-options: nosniff
age: 168898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29183
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 14:24:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Dec 2022 17:56:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C6B 0
0 43ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2d6fCHT3J_WSQr-5nwQQcfvr33gYHkrUR6tMSE_WKbwY6O5Sit_2fYSLtA8Ts2KroKPq4DuFATRZoKHLkZwG-R8C03vGkNODLUiIEz2JHJot6TZWyW0sdyNIMkhQtYMhBB9X9ZfF3SlwZmi4B0EYXiwhBH7xoWP5kCkornm1E-A6ktmQdVg0ra4TtL8n6ma0NcFgqp6W0Rjml6_LVXfuc-q7XmHN4M4TO8eAbzZkBhvoJXdQ0fHSwC82_YcnAu-KJmqkkz7UnOl_9kFDwqXhNBVxhWUY-kWiKO3dUpd4TYfwkOSydQWl3svE_0TyKV7Whrbw6SZAzZit3qTfcrT5HYXEstO8-dnIJh937bC0pO-eSlQ&sig=Cg0ArKJSzA0B6bVEJoTmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.provisioneronline.com
URL: https://www.provisioneronline.com/gdpr-policy?url=https%3A%2F%2Fwww.provisioneronline.com%2Farticles%2F111896-blowing-smoke

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5C6B 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 16:51:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C6B 119 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Dec 2021 16:51:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5C6B 0
0 18ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVpTJVrJ9JSc0edpL_Hjz9aKThYdanvn0iscdrgU5h0F8XoGnC3GibqGyksMt_jJ8WzMOk
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 494271077692566341
tpc.googlesyndication.com/simgad/ Frame 5C6B 37 KB
37 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/494271077692566341

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d813321c52a22a6586f12b54ff6e5c3a3a64b39df64643b400fc762541cf29f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 09:34:48 GMT
x-content-type-options: nosniff
age: 285427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38250
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 21:22:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Dec 2022 09:34:48 GMT

GET
DATA 200
OK truncated
/ Frame 750C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4291e426fe2cc59647334e0b24e59a0bd4bb2dd009009617b03dbab88259f633

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C6B 0
0 43ms
43ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnwB8o4LMcXKnyYQbrNomkbyBgh8w5fN6DZN-sNvEc1o6XlWMTFEaPa7ItDtwdPH7SMtxpH_NmxUllrwqzz861kxqq21WAhPb38qFYKvlH1pA1dIF6_GMyJuK39mZZuSuOstcI1zsuIFTVg3NMWZkxBGdphYsdOMbV7YG71zjoMmfz64MaGbfetCc0lwG2D0rvRCOjEdeUGEc4c2CTHgLOvx-Gv1DGWy0KXXmbH-DZG0Aa1-wPOZ8V8VoBUT7rLFy3-oDldZ4pl6BQUrXGQgQnDKsXNsLMh-vr5OrY6WCxwUF8ChDhJYVBKBlOerN3r-R4nlYf7i0c4QCBo8bJNhkwY57KCFRrwg&sig=Cg0ArKJSzLA6P2F_G9BREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 30 Dec 2021 16:51:55 GMT

GET
DATA 200
OK truncated
/ Frame 5C6B 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fd877026804a54b48c7ae144864a5c703bda1633479f5c3a66975cf228d13c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 433D 0
0 41ms
41ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEffnjuN7NaY4uYXVA-HgXSW8FNXLgUDPxXlbUmGcz84AFkG4PposqGM-ojxv4Ec4zOdpuATNeUlwfsRrfxQLkSEftHQDVH4c4_L7kIYe6RXIcGZKj9p5ykobcMAjozMKwi3lBh4wwo7RSu4Y6IXhc72EbhVzt-CG7mTNoUvvl43cTYg9pVOVRs8Ex7ohkP8bRg1WMmrzUD9wjxlfB8r7k1Myp_hVX20XHT_EY4nvk8ATBbAdpExHQkwg8CFm5WRmIaxNhBDqCN9z5rfj39cTN5ZY8MQ8_3hmRn96gn2repXfMOaswDCcR9KHDeidTfAc4xPwFuXa4uWK9KxywO0emo6bNXoI&sig=Cg0ArKJSzBkat85IXi_AEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 30 Dec 2021 16:51:55 GMT

GET
DATA 200
OK truncated
/ Frame 433D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bbec935e4c59bf32896d5bb240f97ac0e67aab6e107000bd4d069dd3eef443d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 750C 0
0 42ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMZEr9dQdqgyLsAIy2JK3v_TIK343XwY-Fxwq9Et8CpB6qtu5sD83M0ojPyCeyH-ym4Sg0fQ_OsCjif_GV8HThMKD1YCW1lysQ3b77RFJuKFAr8N2DC3TWC0bRIAM_KGB6mgdJkGGPvud5bYuVIsiPnbqcH2mt77AAcQmQoOwZoo2ti9KUE4sI_1rr2f4tzVKu23YQQ4Ychta-vCISTAYpZdJLJtQmGACc5s4Q6U-svq-1ft_nB_hhWZSf807efYHWI_evC4XnIFPsvthZYv-GOUkseQEj5XzQiFvk1ncxP5Ghz25v4eyEjcuwu7qDCYA3wE7w9_L13u0WrkNf-d71PPc&sig=Cg0ArKJSzIkRVr6PO4k6EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 16:51:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 30 Dec 2021 16:51:55 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 66ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:55 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 31 Dec 2021 16:51:55 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3A3E 9 KB
4 KB 58ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.provisioneronline.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2101
date: Thu, 30 Dec 2021 16:51:55 GMT
content-length: 4161
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 40ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:51:56 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 31 Dec 2021 16:51:56 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.hbmp.mediafuse.com/adunit/ 0
216 B 169ms
168ms XHR
text/plain 209.58.175.20
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by: Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/455800/hbw_master_302826_5912.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.175.20 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.provisioneronline.com
Date: Thu, 30 Dec 2021 16:51:56 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3A3E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=provisioneronline.com&sn=ChromeSyncframe&so=0&topUrl=www.provisioneronline.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=kN2wHnxVMFpiK1BIOG9YWEpHbk1DMnE1ei95Rmo2eEpTODIreFVyQkRSVk1KelVES0hsRHYyTjRTZlZEOEhpbUhWZG5xNmJMNEg5VzhoQ1NXM0FTZXpZOWtyanBLUUdCSXM5T0NZS3VEUlFoYURwSW84Si9nT1dDeWFuQz...

457 B
649 B

70ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kN2wHnxVMFpiK1BIOG9YWEpHbk1DMnE1ei95Rmo2eEpTODIreFVyQkRSVk1KelVES0hsRHYyTjRTZlZEOEhpbUhWZG5xNmJMNEg5VzhoQ1NXM0FTZXpZOWtyanBLUUdCSXM5T0NZS3VEUlFoYURwSW84Si9nT1dDeWFuQzM4Sk5NRy82TTh3ZWtUUjZpQy9GSUdkYm1ZYjhYQVhMSHBqMzlzeFN3U3JtU2xLbVd5OUpEVFV4djhvMmhuMVJ1UldaMGtvVUV3OEY4UnpLQmxycHZlQWNrM3YxTldxMURKbllCUDVIRjAvRDEzeXovRmdVcEdXSm1GWDVoYTJ4dHYwODlrdVNBRmlZb3lmdkZhTFdSWC9veUFDWUVTTG5nRWNzVTVZalhtaFMyVlV5SXFoYz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5fb89c56a61d2a591d7cc6fe890ce3c1e609d190ad45ebaf13f5365538ca0f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:56 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4907
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:56 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=kN2wHnxVMFpiK1BIOG9YWEpHbk1DMnE1ei95Rmo2eEpTODIreFVyQkRSVk1KelVES0hsRHYyTjRTZlZEOEhpbUhWZG5xNmJMNEg5VzhoQ1NXM0FTZXpZOWtyanBLUUdCSXM5T0NZS3VEUlFoYURwSW84Si9nT1dDeWFuQzM4Sk5NRy82TTh3ZWtUUjZpQy9GSUdkYm1ZYjhYQVhMSHBqMzlzeFN3U3JtU2xLbVd5OUpEVFV4djhvMmhuMVJ1UldaMGtvVUV3OEY4UnpLQmxycHZlQWNrM3YxTldxMURKbllCUDVIRjAvRDEzeXovRmdVcEdXSm1GWDVoYTJ4dHYwODlrdVNBRmlZb3lmdkZhTFdSWC9veUFDWUVTTG5nRWNzVTVZalhtaFMyVlV5SXFoYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1753
content-length: 567
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 433D 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy3J5NQYMLmDNyMgOV670LxZqhrrkOvXLs8PRIMZpfFrQn-761e3KNbFjtY-m-dxLkpNZbDVT9NOpfECPh7gjMjKTQMwDLIEvlJ7rInZuvsmTp8yKD&sig=Cg0ArKJSzD9hRjA0zoB_EAE&id=lidar2&mcvt=1000&p=556,1085,1156,1385&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2734714168&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640883114850&rpt=122&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 750C 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaRVZhJYUVlJ_QZXBFBAm29GqvpCzMnzsAUgKgnTcdOCIbyj7bZppAaTBNL7AGP0ADNNVOu0LtQ6n7fapdexBLanoJvl_xdzyq5qgRnPxt-Uts3Ydx&sig=Cg0ArKJSzCDhPbfidbPREAE&id=lidar2&mcvt=1000&p=286,315,536,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3457939613&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640883114835&rpt=149&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.provisioneronline.com%2F&domain=www.provisioneronline.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.provisioneronline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.provisioneronline.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1717
date: Thu, 30 Dec 2021 16:51:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.provisioneronline.com%2F&domain=www.provisioneronline.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=kFZruHx4Q3NOY3VsSGliNDBVV0hCSUFLcjAxRkcvN0VHR3lvNkxvaUFvQnYrZGxUbkNDbXdGVys3U3dUR3dGc2U3U0hvRGtrclV0MENWLzQvVGVvRFgzdmwwb0MwME1vOGtzVDFPUmpjZWNwSTVtTStJVXY5ZTdFSUJDVX...

465 B
698 B

15ms
14ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kFZruHx4Q3NOY3VsSGliNDBVV0hCSUFLcjAxRkcvN0VHR3lvNkxvaUFvQnYrZGxUbkNDbXdGVys3U3dUR3dGc2U3U0hvRGtrclV0MENWLzQvVGVvRFgzdmwwb0MwME1vOGtzVDFPUmpjZWNwSTVtTStJVXY5ZTdFSUJDVXFncFNzUUZxbXJibnErd3RDSVIzMEhwWlhvQVArbVpZNVU5L3N0cGpvd2pHdHZnSzN2d24valhFcUMvdldvS216MDZheVhrTjkvSnRHbm1WU05ZNGxLcjFjWlNBRndIei9FTlFGbkErcnUvTG5KWThlRzZDblpWS2t0YmFvL2Q2SGJrbnR0RmhrVU54R1oxWXRvRDIwSzhDRnhQWWxmSW9hWWcvVU1wTm5ST1FQVFNJaHFWOD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8b10923e70ee7d836b7915f3e09e01718a6eff37c64036b18ff459ee426b49f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.provisioneronline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:57 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2834
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 16:51:57 GMT
location: https://mug.criteo.com/sid?cpp=kFZruHx4Q3NOY3VsSGliNDBVV0hCSUFLcjAxRkcvN0VHR3lvNkxvaUFvQnYrZGxUbkNDbXdGVys3U3dUR3dGc2U3U0hvRGtrclV0MENWLzQvVGVvRFgzdmwwb0MwME1vOGtzVDFPUmpjZWNwSTVtTStJVXY5ZTdFSUJDVXFncFNzUUZxbXJibnErd3RDSVIzMEhwWlhvQVArbVpZNVU5L3N0cGpvd2pHdHZnSzN2d24valhFcUMvdldvS216MDZheVhrTjkvSnRHbm1WU05ZNGxLcjFjWlNBRndIei9FTlFGbkErcnUvTG5KWThlRzZDblpWS2t0YmFvL2Q2SGJrbnR0RmhrVU54R1oxWXRvRDIwSzhDRnhQWWxmSW9hWWcvVU1wTm5ST1FQVFNJaHFWOD18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.provisioneronline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1993
content-length: 567
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
543 B 97ms
23ms XHR
application/json 54.36.109.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/ex18992/hb_302826_5912.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.186 , France, ASN16276 (OVH, FR),

Reverse DNS

p06.id5-sync.com

Software

Resource Hash

226e84ad1a7ec459a3e3fee0171edb996774583677c4853c940c2c8910093a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.provisioneronline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.provisioneronline.com
Date: Thu, 30 Dec 2021 16:51:57 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 40ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1132
date: Thu, 30 Dec 2021 16:51:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ea995a08-c3ff-4611-90d6-6334ea27d141

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Domain: rtb.adxpremium.services
URL: https://rtb.adxpremium.services/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.provisioneronline.com/	1969-12-31 23:59:59	Name: cart.item_count Value: 0
.provisioneronline.com/	1970-01-20 08:33:39	Name: role Value: BAhJIgpndWVzdAY6BkVU--23738a4f26cb29f43710744a465f36d1517b0b74
www.provisioneronline.com/	1969-12-31 23:59:59	Name: _utz_jpvc Value: BAhJIgYwBjoGRVQ%3D--ca59865542653208b886818ba59792780c44c42b
www.provisioneronline.com/	1970-01-20 08:33:39	Name: hallmark_session Value: BAh7CjoKZW1haWwwOg5maXJzdG5hbWUwOg1sYXN0bmFtZTA6CmxldmVsMDoPb2x5X2VuY19pZDA%3D--d9381c3fed772ea7d244aef92be23e0f4b4168cc
www.provisioneronline.com/	1969-12-31 23:59:59	Name: user_ip_covered Value: false
www.provisioneronline.com/	1969-12-31 23:59:59	Name: last_viewed_path Value: %2Fgdpr-policy%3Furl%3Dhttps%253A%252F%252Fwww.provisioneronline.com%252Farticles%252F111896-blowing-smoke
www.provisioneronline.com/	1969-12-31 23:59:59	Name: _provisioneronline_session Value: BAh7CkkiD3Nlc3Npb25faWQGOgZFVEkiJWY4NmRjNmM3YWJmOTU2YzFkYzZhMTdlZjkzY2FlZGY2BjsAVEkiGWhhc19oYWxsbWFya19zZXNzaW9uBjsARlRJIghrZXkGOwBGSSIpNDVmMDZmNGItZDIzMS00N2EwLWE3NzMtZTlhZmVkY2NlN2M1BjsARkkiD3VwZGF0ZWRfYXQGOwBGSXU6CVRpbWUN0G8ewOZoKc8JOgl6b25lSSIIVVRDBjsARjoNbmFub19udW1pAv0BOg1uYW5vX2RlbmkGOg1zdWJtaWNybyIHUJBJIhBfY3NyZl90b2tlbgY7AEZJIjFlMzZwWERlZUxJU05pTGx6VWxvYmtzMmhrbmRtb2ZmSFg1cWd6OXcxSDVvPQY7AEY%3D--a5a8471155727b972814d9d428cb519fb385153f
www.provisioneronline.com/	1970-01-20 09:18:17	Name: __atuvc Value: 1%7C52
www.provisioneronline.com/	1970-01-19 23:48:04	Name: __atuvs Value: 61cde3a6a1413c44000
.addthis.com/	1970-01-20 09:18:17	Name: uvc Value: 1%7C52
.provisioneronline.com/	1970-01-20 17:19:15	Name: _ga Value: GA1.2.1203073193.1640883111
.provisioneronline.com/	1970-01-19 23:49:29	Name: _gid Value: GA1.2.298285908.1640883111
.provisioneronline.com/	1970-01-19 23:48:03	Name: _gat_UA-2806739-19 Value: 1
.addthis.com/	1970-01-20 09:18:17	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4NzAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 09:09:39	Name: IDE Value: AHWqTUlbMIdY_OSZ60dU5-YD2czHcR4evaHCOi7NDW5ffXVPCLlOGwIyBgUUHKkoKLc
.hbmp.mediafuse.com/	1970-01-20 02:01:58	Name: vmuid Value: 4f4d40623e39cef5
.provisioneronline.com/	1970-01-20 08:33:39	Name: oly_enc_id Value: null
.provisioneronline.com/	1970-01-20 08:33:39	Name: oly_anon_id Value: %221ac8a596-418c-440c-9ead-866e7821ac6d%22
.ad.gt/	1970-01-20 17:19:15	Name: au_id Value: 8501595a-a0f4-45db-b44b-6b8d917f7263
.ad.gt/	1970-01-19 23:49:29	Name: au_idmatch Value: {"apn": "2021-12-30", "ttd": "2021-12-30", "pub": "2021-12-30", "adx": "2021-12-30", "halo": "2021-12-30", "goo": "2021-12-30", "smart": "2021-12-30", "impr": "2021-12-30", "unruly": "2021-12-30"}
.adnxs.com/	1970-01-20 01:57:39	Name: uuid2 Value: 1123660468915283092
.adsrvr.org/	1970-01-20 08:33:39	Name: TDID Value: 323fb64c-037e-4225-8d05-5085901d4103
.1rx.io/	1970-01-20 08:33:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003%22%7D
.adsrvr.org/	1970-01-20 08:33:39	Name: TDCPM Value: CAEYBSABKAIyCwiShsGX7e-lOhAFOAE.
.pubmatic.com/	1970-01-20 01:57:39	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 01:57:39	Name: KADUSERCOOKIE Value: 6790B737-1A09-4C19-99D6-0EA5608090FA
.targeting.unrulymedia.com/	1970-01-20 08:33:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003%22%7D
.360yield.com/	1970-01-20 01:57:39	Name: tuuid Value: 6bbaa3dd-945f-4643-8f54-5c236fd4e320
.360yield.com/	1970-01-20 01:57:39	Name: tuuid_lu Value: 1640883113
.ad.gt/	1970-01-20 17:19:15	Name: last_seeng_hosted Value: 1640883113351
.ad.gt/	1970-01-20 17:19:15	Name: g_hosted Value:
.ad.gt/	1970-01-20 17:19:15	Name: last_seenadx Value: 1640883113363
.ad.gt/	1970-01-20 17:19:15	Name: google_gid Value: CAESEPMPFBqFk5xj-g2ojwfAzhE
.ad.gt/	1970-01-20 17:19:15	Name: first_seenadx Value: 1640883113363
.ad.gt/	1970-01-20 17:19:15	Name: last_seenimprove Value: 1640883113365
.ad.gt/	1970-01-20 17:19:15	Name: impr_uid Value: 6bbaa3dd-945f-4643-8f54-5c236fd4e320
.ad.gt/	1970-01-20 17:19:15	Name: last_seenunruly Value: 1640883113367
.ad.gt/	1970-01-20 17:19:15	Name: unruly_id Value: RX-d70e9d07-a91c-47ca-8a23-bad1412440bd-003
.ad.gt/	1970-01-20 17:19:15	Name: last_seenadnxs Value: 1640883113369
.ad.gt/	1970-01-20 17:19:15	Name: adnxs_id Value: 1123660468915283092
.ad.gt/	1970-01-20 17:19:15	Name: first_seenadnxs Value: 1640883113369
.ad.gt/	1970-01-20 17:19:15	Name: last_seenpbm Value: 1640883113371
.ad.gt/	1970-01-20 17:19:15	Name: pbm Value: 6790B737-1A09-4C19-99D6-0EA5608090FA
.ad.gt/	1970-01-20 17:19:15	Name: first_seenpbm Value: 1640883113371
.ad.gt/	1970-01-20 17:19:15	Name: last_seentd Value: 1640883113371
.ad.gt/	1970-01-20 17:19:15	Name: tdid Value: 323fb64c-037e-4225-8d05-5085901d4103
.ad.gt/	1970-01-20 17:19:15	Name: first_seentd Value: 1640883113371
.ad.gt/	1970-01-20 17:19:15	Name: last_seenhaloid Value: 1640883113579
.ad.gt/	1970-01-20 17:19:15	Name: halo_id Value: 0201ytsvzn07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 17:19:15	Name: first_seenhaloid Value: 1640883113579
www.provisioneronline.com/	1970-01-20 00:31:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.provisioneronline.com/	1970-01-20 08:33:39	Name: _pubcid Value: 5ef97d69-a768-4e05-aa58-fe376ca1fe99
.admixer.net/	1970-01-20 17:19:15	Name: am-uid Value: 067a78e37fe6478daaa43b07b069f006
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s56132\|Yc3jr
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 13:07:15	Name: E Value: AJcapYO2c6K0YtVT
.provisioneronline.com/	1970-01-20 09:09:39	Name: __gads Value: ID=5670530dbf627aea:T=1640883113:S=ALNI_Ma1gWNBaMXGzNNF1VV62ud-u7PRHw
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.adnxs.com/	1970-01-20 01:57:39	Name: icu Value: ChgIlK13EAoYASABKAEwqse3jgY4AUABSAEQqse3jgYYAA..
.rubiconproject.com/	1970-01-20 08:33:39	Name: khaos Value: KXT7FTW0-O-BYSD
.rubiconproject.com/	1970-01-20 08:33:39	Name: audit Value: 1\|naVuGyos1qqvLz1xe6Gzm9R7j7QKV7YbmiCo4Qd78uMEYu0+y2W/JL+dtNXKLIp1D/RkKAfoTIxKfcgFgq25nTPYNxk7TVds4ICd6Q+AmJucnkSed1IHDtAPlTu0R9RN
.betweendigital.com/	1970-01-20 08:33:39	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 08:33:39	Name: tuuid Value: e9932945-43a0-516c-829c-c4aae3512700
.betweendigital.com/	1970-01-20 08:33:39	Name: ut Value: Yc3jqgAEDxDgrHFxMQ-5pVOTUm3IKiF_yyCqyw==
.betweendigital.com/	1970-01-20 08:33:39	Name: ss Value: 1
.betweendigital.com/	1970-01-20 08:33:39	Name: unm Value: 1
prebid.a-mo.net/	1970-01-20 08:33:39	Name: __amc Value: 1_1640883114_1640883114
.criteo.com/	1970-01-20 09:09:39	Name: uid Value: de735f0a-290f-47a3-a960-bbaafe5594c9
.provisioneronline.com/	1970-01-20 09:09:39	Name: cto_bundle Value: HRGSpl8yRklPblRoRXlYWldXb29FMDZ4bXkzMDhrcUpTbyUyQnZXMTBwWk50OVVoeWFIclJzZ2dHMmxWazRlczdTcjd4THlOS1h3JTJCMVBlTkVIUDJFQWJGYlBndzI2bVI0OU1HaDB0ak9OWUJLNVVNRmVyWFBJSyUyRlJaQTdkdnBYbFJadGNBZWdpaUlQMmhpRlRENlRwSzVhRWtHTXhNWUVJSXJ4dG1qWHRwWmVCS0JjTFUlM0Q
www.provisioneronline.com/	1970-01-20 09:09:39	Name: cto_bundle Value: YIZjZF9OaEZQYTVTZXRWeGs2UG0wb3Y4T0RWaDEzVm5OcVY5VWs5bFVLbzJlajVJWllaWjNzdHVyTUUlMkJUcW9VMSUyRnlNSW1wbmdyJTJCZVgydXhxZHB4Y0k4SVQ1WXJZTTdEeTJ2SEpuMWhtNzdVWXZSMDdSeEJJTUZyZkFlR0hrNml2dVk2cXppJTJGN3V5WDBWOWdwVG5VOUZqWDVIZ1JHUEt1clJVbmFyRmZGNVZFWkZrQSUzRA
www.provisioneronline.com/	1970-01-20 09:09:39	Name: cto_bidid Value: -CHnIl9jMlkxUThuUHRSeDNjbU52ckhRTHlYT0N0N2VUMnl0eDJPQ1JKOXVpJTJCNHZJWTQzaXpCeDglMkY3b2xWUTB2eiUyRnA3aGRkVnNuQjdHeDJ4SENoWTFSZFNpVGtnd0x1VXJjRjZuOEpMY0xIVTZXJTJGdHRqTVlnS2hkNjM1ZjZHRE9sTFMlMkY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://rtb.adxpremium.services/openrtb2/auction Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' continuum.epublishing.com *.continuum.epublishing.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5120040.fls.doubleclick.net
7c5790e99b63aefbd32ba0b36020c9a5.safeframe.googlesyndication.com
a.ad.gt
ad.360yield.com
ads.betweendigital.com
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
ap.lijit.com
apex.go.sonobi.com
api-34-221-205-23.b2c.com
api.fouanalytics.com
aufp.io
bid.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c2shb.ssp.yahoo.com
cf-images.us-east-1.prod.boltdns.net
cm.g.doubleclick.net
d1eoo1tco6rr5e.cloudfront.net
dm.hybrid.ai
edge.api.brightcove.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb.hbmp.mediafuse.com
ghb1.adtelligent.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
ids.ad.gt
image2.pubmatic.com
insight.adsrvr.org
inv-nets.admixer.net
m.addthis.com
match.adsrvr.org
ml314.com
mug.criteo.com
olytics.omeda.com
onetag-sys.com
oqs.omeda.com
p.ad.gt
pagead2.googlesyndication.com
pbjs.e-planning.net
pixels.ad.gt
player.adtelligent.com
player.hbmp.mediafuse.com
player.mediafuse.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.media.net
rtb.adxpremium.services
s7.addthis.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
sync.1rx.io
sync.adtelligent.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tag.1rx.io
tpc.googlesyndication.com
u.openx.net
v1.addthisedge.com
v4-api-34-221-205-23.b2c.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.provisioneronline.com
z.moatads.com
rtb.adxpremium.services
s7.addthis.com
sync.adtelligent.com
104.84.56.126
142.250.184.194
142.250.185.102
142.250.185.66
146.0.227.109
147.75.61.140
151.101.66.27
178.162.133.150
178.250.2.131
178.250.2.146
18.66.123.144
185.184.10.30
185.239.173.210
185.64.189.112
185.64.190.80
185.86.137.132
198.148.27.133
2.18.235.40
204.180.130.159
204.180.130.165
208.91.60.110
209.58.165.102
209.58.175.20
213.19.147.42
213.19.147.44
2602:803:c003:200::21
2606:4700:20::ac43:44a1
2606:4700:3036::ac43:c834
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:1::3
2a02:2638::1c
3.124.208.111
34.107.148.139
34.221.205.23
34.247.104.176
34.98.64.218
35.157.246.167
35.160.232.188
35.71.131.137
35.83.144.163
37.18.16.23
37.252.172.38
37.252.173.22
44.239.49.94
45.133.44.3
45.133.44.4
46.249.52.249
51.89.9.253
52.222.248.38
52.35.10.191
52.36.211.235
54.36.109.186
54.76.84.232
72.251.249.9
88.212.252.22
00fba0f0699a539ababcbfdbf562c25e809dbf5a78c02d5f7db18e691ae61785
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05c5f88de5ccad1d34cc9d097f33169c9277fa57e2a3d3565eb45812824221de
08853164eedfa60c07f77bb8d7162d0c8724eb87fde8333ed00876c9cba315ae
089092de0db62c119be0294a75c8ade991e7a825653b2a8616390cade831db3d
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d63b07cee205cb37fa26cd0768764c2207c1e8eb9a2f194df10f303192f665f
0d729b3356d3859510dd329559f90fa2bcf4a3d358ae785452374d40eef78520
0f7e66e67fa16d1d076cd9e5e705272072e2b0b8638be73f51c2227f9146cda6
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
13585d9b686ac703e4b5298cb55720b110224b90b0fa7b9ad6660baf3a04345c
14d78c2c856489336bca4fa064d479e4b9990fe3c1bb9fad019e94b652761f74
19587da7614b9cec456eb138be25ebb246cf85a3ef1537f38f2c3f3f8477b558
1b8cd44b37e8b4fea76da35db8fe26a674224576a0881fe633d5cd29b74ec6e0
1d9c7ee9d5dd7bd52dd28f20bc81fe2a35d1aee66da04a1841c62cbbe98aa4e6
1ddd0013e8209e0d55da94e5dcc69ffdd450a17b2099554a0963748c70cccf6a
226e84ad1a7ec459a3e3fee0171edb996774583677c4853c940c2c8910093a7d
231853441ef9d4c570e2f23935d1f6bf367f96b06cfae02ed4f691dc6e8fea49
24324a567345cd1438b4b90bb64069b5789f62a16c395d67bd3a27fa433f8175
263350c832a4c7269ab372c9e2a7a4da4317122c81d10f5132109ff8df18a6f2
27dfb65627347715ebcea51267da3923de00100e9474dd40988d0048dbbac0b9
2a14e7fbaccbf34d2e5b6c0e5d227b9d02439ffe171b831bedaa9b5c6a0ee3f3
2bae099565c4a6ad638d8c9d13b13c9009bf2b2d2c78673850ce62c054cb1b8f
2bbec935e4c59bf32896d5bb240f97ac0e67aab6e107000bd4d069dd3eef443d
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2cb5d7199f312df8e6dee2b7dc7ae8e59a412327bd034a2815d83d025daa78be
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eed9751662f1cb57ca5e823e9157f12e75787e495480476490a4333ac4a88a9
31d7a86266ba3fbaea29718b1261abcd93ef1e56faeb5d4069f94e9e90dc9cda
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a17b75411c369ce20779ecaa7af3fbe35892270a76066646d4a59177a93b60
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3fd877026804a54b48c7ae144864a5c703bda1633479f5c3a66975cf228d13c4
402459ba2ba22075416d1aa09518df58ab0138095ff2d304ada984264a9d4bd3
414774c1c10e53871d456e35b61ff643dd4239ff383e83ba5ec47bfdfca10c07
42439fb5d5c40792e8ae5f3264cadfbba2b7272af95cf1297e51082bca8cf995
4291e426fe2cc59647334e0b24e59a0bd4bb2dd009009617b03dbab88259f633
4683362f4baa0d942f1a4fecbc0b90a5f24f4ad9e8d11e44f04f7e317e9e6ab8
4838c88697aee0314d57578fe3e04e9574c7a155e251c86b4eb29769a426eb70
4b8985f4d14549d9b4f926bcd5e7834c70eeea6462c8557981bb61acb35bc545
4dd2c080c446c1f37ccd43a687fb824c9a53a5fac513e9c1703be1a279920863
4dfe38d20e93f37d8121aaaa0da88b999d73a5dcdcf74254b62403a2b9274918
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3b1ecb2f7d6285b7b049695ad138dfe7e80e92b803df57dfb8cf23f847f629
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fda3ee207f446d23c68553d5cc01858cdaab99c03aa6aa9dc5d5de5568f34fe
52aba7c806ca9e6af714856641bf87ebb2a715ef06200f6fb94085546320a8e7
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
54ac7319ccbc7fb967412f2d16ae9ca31255c9d8bb1ebcb6b0a5b34d0912a52d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578c4b6de5681d77a250b48ff4fccdaf3e26a0e25ffe128d9b74dcd8ad76f86f
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5aea0d1d89aba77c45ee34479a9668ca395cf3c10855b71ab6cfe9ec513901bb
5c16c6e3c342266205074b7177d4488e8332e94c01adfdb9ad6bf5c97251f495
5dd4a310c777011e7c2825a78072bbbb3435c3d5a1b1b1da382dd413292dbdd9
5fb89c56a61d2a591d7cc6fe890ce3c1e609d190ad45ebaf13f5365538ca0f75
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f4256f835e8de08a9dee6ec958812a4a5dd618fbb9675975b678c16e162485
65f14cae897206ec3350b61c975a6202d30bdd4df2e1002c2b12be979fbc36d2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c564d7b225eecedf4515167f96e30432697521612e2e36a1be097704518a335
7287735cb481be63658ddbb5412092d2539823978d2f4d294da10aaa81e32265
766641214ce6aaa774462a6d9ad4a51a8b9faaa8f21ec6f70fbf8c246d3fee31
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
7822d2d595a676744660d12f3f24dfd7c83303f206d81991eed874d8b0bdb95e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bfafb0c7307e804937b3d77b5f75ce413e172cfdc046fd9e1e0a60463924299
7d26b25e0f034d34f32e5cea9f3d236b5736371928247bbf99b0512caf8a906f
7f33ff5b5ca83ed5b4c3f9c72bb22ea7240e5c5f95b2a7efd3015d9aae9a02b9
822e2805bc659f7831dacca84ce653e94dfa471f11d65213b9a997dffe1dbd4b
85c36ade746d4ec3cc18bd39fda1fda0637b54b553a45e47959e379570e403c8
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
86aca2ffe90ade1ddb95f8810d08512c7d4988fc0f9b71d90413d3e6b65083bb
86b7ac16d2e3e59db7bb6c162070c811650d876c47d2d0b1c8760a8d03f51637
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8b10923e70ee7d836b7915f3e09e01718a6eff37c64036b18ff459ee426b49f9
8c3248d574d9eefb4acbe4410019b8c860754f63845f7ec5f25f083c22337897
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
92f49b0d4868cbc9ad9769e58296ce27cf4d6dc10273937262005a9b8cf5cd27
95231dced2d23b7c6197e130f3c1277d91bfe7269ee318f7072bbd8dace032c5
9a6bf0a6e2eb1b64d0823e7a6b41430390a384de43380f44a10e03f296bf5b93
9b76d25cbe04082a98d5e09a7a7e026562e3b5a6add9842ff60f247779df62c4
9c9ac3998a17e6e97f9e560c809127c65d745f10d90548a62440625fc91c2e7b
a041651fc88210ebdd9d35c3edc954ac0137b4ed6217c3eef15a4d86785ffe7c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e7d66121f7f8e4e797fbaa8e8796106c3668cecc4d595588c198548a2525fc
a49855a3e1e2f392d8309e4a4aa4676441a74487540d180ba512c8e9dd4e808a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cdf2582e6513d95dd7ff39e384b80f9752e67aa08da6f03498d5090f79c2d5
a64b866aa90f5bd3f37e362e535a25bb1a680841f7f4028539224486aa07fac9
a685198692b5831e5dd26c0d6c195faafd747e3e2e0f13916f7e1c1aa7decdf9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75c8c3ad4d4eb6f9b30bdb7c0f4da360a0fe4f5f5e2b2d970c82dfd2b02c98a
a79922bb5003593671ee000c4d24eaace7c6240c251780bf10764e48f30fc956
abc7cb6ac4a9ab3a18482fc3821ab7dee10cdd93e03d580d39ac4ae4b33d0581
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae4750813a6c6e724d91c2f040a821de051d02b1cb0991ce98b2618b5bb97857
aeb8077f4898ef4d2b4b900ebc67d500684862e16971e9094db44353adaaa34d
af7233c4a245971a38104ccb4caf53766d1b53a4331f6be176d012f9702560eb
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
baa5544e4a78d73089cfe740e6fb9299be2c9f074f05dd0869200d45ffc19be9
bf43b01abb2f72067aad11191c7d45eddd1e38353c205e3e281b6df15f730b69
c04dea18ac2f1918647a17e059a4ba6d24e6c703337ba20da314d2f25a14a25e
c49e4c5b75b5d99ab5a21c80fa93310d4924da96f368129e23c96992bfc323c2
c52f4548a2ef16dbac9976d779e9888ac5e7c92f2b50048674db1fad626beee4
c62e8fc8b90589464c87e7a21ef01311e75276c4f30791db96c4ce5d2dfb9c29
c8132a9d2e685a073675485064e57fd21ef1f6c6d04ab456d992e5bff7782567
c862ab5897edd93789e67dc24b19e41c67e75ec3afa70bee6a096e6a1437581e
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ccb8a4caed1d6b17fb6722a8ae16bd32cb4db2e84080de1b2ccd782e203c9902
d7a6cbe914124dc56487ffdf4bcd4d0bc22104c7ff36efb2937aaff3f2648b3c
d813321c52a22a6586f12b54ff6e5c3a3a64b39df64643b400fc762541cf29f2
d8319da63e5ed870e632d86e5be6be84494190c5f792affa60973f5d1c0a4e22
db6857412d1e9002a96ea53bd98f437c5984064b9ee7b675527bc15fd01a1fb8
dbafc138ec0b7bd9ddbf5bdf1aebc7bd1648c32705185e43e9857555541b543d
dc4e8128d5dbcca0060bd28c7f17536b59d3262b43a28bc6b36472a784f030b2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e4d55ecc78ec3938ebda189d67d101fc0b5306a35bb9b2c6bec949d3c656d2
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8115359f2577b11363670164ce425c7a4318af8f122a9efc2e2dad99fa61be5
ed809fc9518b8f5164e45e3da013e15feea32f290b91c5cff5c92cf61cbf0ce9
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbff741bcf13d2a00b87975768393bfdba8e66a5c4d93d02ad8cb2166ab5575
f565ae4673102a1491f7e34e660065cccf2e3e011bd3d4e5b558eb7bc61edf49
f56a475840f40cfab7dc460c82631d7aed76f5a5a4945c31bf05b4f8a0543872
f72030b4276305d37e8c7d8d99f972ecee304f5a3d01fe3e47ca50a13d81cd95
f80cae32da47e2c578cba58af55bacb379adabebb37f89e1ca67585863dfc72e
fc1d6e177f0a93623a64d3db5c13f5aba3b47a22dfac2a92daf9b2b9b574aed5
fc267bbdefeb6314d38a7f35469a23a283172fed12751edd1f7aa1ec89b57d57
fcd8b7317a89948578e5ee92d802852cd96dd15c9ff99e82e1ed85965eae5973
fe109b9d05e617669a7d867b3e7c757f909f32afaf06355ab838e60773c71cf6

www.provisioneronline.com Open in urlscan Pro 208.91.60.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

92 %HTTPS

26 %IPv6

50 Domains

73 Subdomains

62 IPs

10 Countries

2666 kBTransfer

6136 kBSize

71 Cookies

21 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.provisioneronline.com Open in urlscan Pro
208.91.60.110 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

92 %
HTTPS

26 %
IPv6

50
Domains

73
Subdomains

62
IPs

10
Countries

2666 kB
Transfer

6136 kB
Size

71
Cookies

196 HTTP transactions
3 data transactions