www.pinturillo2.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pinturillo2.com/
Effective URL:
https://www.pinturillo2.com/
Submission: On November 17 via api (November 17th 2023, 3:18:20 am UTC) from US — Scanned from NL

Summary HTTP 185 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 66 domains to perform 185 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.pinturillo2.com.
TLS certificate: Issued by E1 on October 4th 2023. Valid for: 3 months.

This is the only time www.pinturillo2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:47de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:9325	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:264... 2600:9000:2644:4a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:1a00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.84.104.95 52.84.104.95	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
4	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:9425	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:da0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
3	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
12	52.212.105.38 52.212.105.38	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
15	104.18.43.178 104.18.43.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.19.132.136 52.19.132.136	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	52.84.105.94 52.84.105.94	16509 (AMAZON-02) (AMAZON-02)
1	35.157.44.143 35.157.44.143	16509 (AMAZON-02) (AMAZON-02)
1	52.84.106.43 52.84.106.43	16509 (AMAZON-02) (AMAZON-02)
6	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.248.115.153 3.248.115.153	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
3 9	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223f:3200:1f:4c18:bd40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	34.236.62.13 34.236.62.13	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
8 9	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	72.34.250.75 72.34.250.75	27630 (AS-XFERNET) (AS-XFERNET)
1 2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	54.87.176.184 54.87.176.184	14618 (AMAZON-AES) (AMAZON-AES)
2	3.65.142.57 3.65.142.57	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.215.12.164 52.215.12.164	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
3 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
9	34.247.233.198 34.247.233.198	16509 (AMAZON-02) (AMAZON-02)
2 3	3.126.125.13 3.126.125.13	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.51.12 3.123.51.12	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.146.124.189 54.146.124.189	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:b34:3da1:cf11:a756	16509 (AMAZON-02) (AMAZON-02)
1 1	54.144.102.175 54.144.102.175	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
4 4	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	211.120.53.206 211.120.53.206	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
4 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 3	44.205.140.116 44.205.140.116	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	34.196.172.118 34.196.172.118	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	18.184.81.67 18.184.81.67	16509 (AMAZON-02) (AMAZON-02)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	162.55.233.29 162.55.233.29	24940 (HETZNER-AS) (HETZNER-AS)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 4	2607:ae80:4::26 2607:ae80:4::26	26558 (FREEWHEEL) (FREEWHEEL)
1 1	3.69.181.164 3.69.181.164	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9e13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.195.237.102 54.195.237.102	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	213.227.153.221 213.227.153.221	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
185	66

24 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pinturillo2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:47de (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:9325 (United States)

ASN13335 (CLOUDFLARENET, US)

game-cdn.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:4a00:9:46dc:4700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:1a00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.104.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-104-95.bud50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:9425 (United States)

ASN13335 (CLOUDFLARENET, US)

devs-api.poki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:da0f (United States)

ASN13335 (CLOUDFLARENET, US)

geo.poki.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.90 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.212.105.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.132.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-132-136.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.105.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-105-94.bud50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.44.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-44-143.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.106.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-43.bud50.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.115.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-115-153.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.154 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.62.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-62-13.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.228.174.117 (United Kingdom) 8 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.34.250.75 (Hemet, United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.176.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-176-184.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.142.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-57.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.12.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-12-164.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.150 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.125.13 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-125-13.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.51.12 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-51-12.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.124.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-124-189.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:b34:3da1:cf11:a756 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.102.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-102-175.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.229 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.206 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.205.140.116 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-140-116.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.172.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-172-118.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.81.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-81-67.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.233.29 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:ae80:4::26 (United States) 3 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.181.164 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-164.eu-central-1.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.237.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-237-102.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.221 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net

b1h-euc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	pinturillo2.com 1 redirects www.pinturillo2.com	130 KB
15	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 5195	32 KB
15	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 602 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969 token.rubiconproject.com — Cisco Umbrella Rank: 458 pixel.rubiconproject.com — Cisco Umbrella Rank: 376	46 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2437 public.servenobid.com — Cisco Umbrella Rank: 5174	8 KB
11	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1591 usersync.gumgum.com — Cisco Umbrella Rank: 2098 rtb.gumgum.com — Cisco Umbrella Rank: 1589	4 KB
9	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum.casalemedia.com — Cisco Umbrella Rank: 1451	5 KB
8	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 154 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	168 KB
7	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823	24 KB
7	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609 secure.adnxs.com — Cisco Umbrella Rank: 495	33 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	71 KB
7	inmobi.com cmp.inmobi.com api.cmp.inmobi.com	208 KB
6	1rx.io 6 redirects sync.1rx.io — Cisco Umbrella Rank: 567	3 KB
6	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	741 B
5	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 774 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	2 KB
5	4dex.io script.4dex.io — Cisco Umbrella Rank: 1523 mp.4dex.io — Cisco Umbrella Rank: 2070	27 KB
5	poki.com game-cdn.poki.com — Cisco Umbrella Rank: 23542 devs-api.poki.com — Cisco Umbrella Rank: 25659 api.poki.com — Cisco Umbrella Rank: 24346	71 KB
4	stickyadstv.com 3 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 566	3 KB
4	creativecdn.com 4 redirects creativecdn.com — Cisco Umbrella Rank: 592	2 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 599	2 KB
4	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	1 KB
4	lijit.com 3 redirects ce.lijit.com — Cisco Umbrella Rank: 882 ap.lijit.com — Cisco Umbrella Rank: 683	2 KB
4	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2448 cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460	2 KB
4	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	119 B
4	btloader.com btloader.com — Cisco Umbrella Rank: 877 api.btloader.com — Cisco Umbrella Rank: 948	24 KB
3	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 539	2 KB
3	zemanta.com 3 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580 b1h-euc1.zemanta.com — Cisco Umbrella Rank: 27486	1 KB
3	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 522 rtb.openx.net — Cisco Umbrella Rank: 695	943 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	1 KB
3	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 751 assets.a-mo.net — Cisco Umbrella Rank: 1715	3 KB
3	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268 usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4590	929 B
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 851 d.turn.com — Cisco Umbrella Rank: 1384	1 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4780	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	69 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	44 KB
2	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1421	91 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 14130	193 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	148 KB
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 2253	104 B
1	360yield.com ad2.360yield.com — Cisco Umbrella Rank: 11952	199 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3766	595 B
1	richaudience.com 1 redirects sync.richaudience.com — Cisco Umbrella Rank: 1851	364 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1180	375 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 4186	443 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1218	35 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1208	702 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	541 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1055	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	507 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 657	35 B
1	media.net 1 redirects hbx.media.net — Cisco Umbrella Rank: 1337	287 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1439	274 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 931	411 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 868	735 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1545	160 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267	525 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	poki.io geo.poki.io — Cisco Umbrella Rank: 155276	216 B
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 447	126 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	2 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 3190	587 B
0	avct.cloud Failed ads.avct.cloud Failed
185	66

	Domain	Requested by
24	www.pinturillo2.com	1 redirects www.pinturillo2.com
15	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac elb.the-ozone-project.com ads.stickyadstv.com prebid.a-mo.net static.cloudflareinsights.com
12	ads.servenobid.com	api.adinplay.com public.servenobid.com ssbsync.smartadserver.com g2.gumgum.com ssum-sec.casalemedia.com
9	usersync.gumgum.com	g2.gumgum.com
6	sync.1rx.io	6 redirects
6	eus.rubiconproject.com	cadmus.script.ac eus.rubiconproject.com public.servenobid.com g2.gumgum.com
6	onetag-sys.com	1 redirects api.adinplay.com cadmus.script.ac public.servenobid.com
6	cmp.inmobi.com	www.pinturillo2.com cadmus.script.ac cmp.inmobi.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	match.adsrvr.org	g2.gumgum.com ssum-sec.casalemedia.com elb.the-ozone-project.com ads.stickyadstv.com
5	ib.adnxs.com	2 redirects api.adinplay.com
4	ads.stickyadstv.com	3 redirects elb.the-ozone-project.com
4	creativecdn.com	4 redirects
4	c1.adform.net	4 redirects
4	cm.g.doubleclick.net	3 redirects g2.gumgum.com
4	ads.pubmatic.com	cadmus.script.ac public.servenobid.com g2.gumgum.com elb.the-ozone-project.com
4	i.clean.gg	cadmus.script.ac
3	token.rubiconproject.com	eus.rubiconproject.com
3	i.liadm.com	3 redirects
3	x.bidswitch.net	2 redirects g2.gumgum.com
3	rtb-csync.smartadserver.com	1 redirects ssbsync.smartadserver.com
3	ssum-sec.casalemedia.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	hb.yellowblue.io	api.adinplay.com
3	fastlane.rubiconproject.com	api.adinplay.com
3	mp.4dex.io	api.adinplay.com
3	api.btloader.com	btloader.com cadmus.script.ac
3	securepubads.g.doubleclick.net	api.adinplay.com imasdk.googleapis.com cadmus.script.ac
3	c.amazon-adsystem.com	api.adinplay.com c.amazon-adsystem.com
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects g2.gumgum.com
2	us-u.openx.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	match.sharethrough.com	public.servenobid.com elb.the-ozone-project.com
2	ups.analytics.yahoo.com	public.servenobid.com
2	prebid.a-mo.net	1 redirects elb.the-ozone-project.com
2	sync.targeting.unrulymedia.com	2 redirects
2	ad.turn.com	2 redirects
2	ap.lijit.com	1 redirects public.servenobid.com
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	www.google-analytics.com	cadmus.script.ac www.google-analytics.com
2	script.4dex.io	cadmus.script.ac
2	api.poki.com	cadmus.script.ac
2	ad-delivery.net	www.pinturillo2.com
2	code.createjs.com	www.pinturillo2.com
2	cadmus.script.ac	api.adinplay.com cadmus.script.ac
2	game-cdn.poki.com	www.pinturillo2.com game-cdn.poki.com
2	api.adinplay.com	www.pinturillo2.com api.adinplay.com
2	www.googletagmanager.com	www.pinturillo2.com www.googletagmanager.com
1	usermatch.targeting.unrulymedia.com	elb.the-ozone-project.com
1	b1h-euc1.zemanta.com	1 redirects
1	prebid-match.dotomi.com	elb.the-ozone-project.com
1	ad2.360yield.com	elb.the-ozone-project.com
1	ssum.casalemedia.com	1 redirects
1	assets.a-mo.net	prebid.a-mo.net
1	1f2e7.v.fwmrm.net	1 redirects
1	rtb.openx.net	1 redirects
1	sync.richaudience.com	1 redirects
1	pixel.rubiconproject.com	elb.the-ozone-project.com
1	crb.kargo.com	elb.the-ozone-project.com
1	cm.ctnsnet.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	d.turn.com	1 redirects
1	tg.socdm.com	1 redirects
1	rtb.gumgum.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	cms.quantserve.com	1 redirects
1	ads.yieldmo.com	elb.the-ozone-project.com
1	hbx.media.net	1 redirects
1	ssp.disqus.com	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	acdn.adnxs.com	cadmus.script.ac
1	public.servenobid.com	cadmus.script.ac
1	api.cmp.inmobi.com	cmp.inmobi.com
1	hbopenbid.pubmatic.com	api.adinplay.com
1	geo.poki.io	cadmus.script.ac
1	devs-api.poki.com	cadmus.script.ac
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	ad.doubleclick.net	www.pinturillo2.com
1	region1.google-analytics.com	www.googletagmanager.com
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	cmp.quantcast.com	1 redirects
0	ads.avct.cloud Failed	ssbsync.smartadserver.com
185	98

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.youtube.com
www.facebook.com
twitter.com
chachiware.com
gametronia.com

Subject Issuer	Validity	Valid
pinturillo2.com E1	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adinplay.com GTS CA 1P5	`2023-10-19` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
the-ozone-project.com E1	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-13` - `2023-12-12`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.pinturillo2.com/
Frame ID: 5C215C0754FDF02ED1E18B821187F1B7
Requests: 90 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EC1E84834FEBFE56ECB7DE5AD0B699C9
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700191093682
Frame ID: B3C7F58B82CB06D789D139AC694FA3A2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 13BD673AF2146908C550C0A9FC866328
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Frame ID: ADCAF250BF24A7799D4DDFEDB1534E6B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FE7F8012C5416C5134A50ACBE89EF2BF
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Frame ID: 0CBF7BE84679E469E1E7D2EAB8F5E769
Requests: 17 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E7F601942B4BCE08A66489BEDFF6DBCF
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A0005399EA4170D126D53A17CC07F850
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 27E4BBA1BC7F083C986E0A513C744DA2
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 9125C29EF74986CAFE1F82B92B717411
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 078B65E048481598AED2014D3716EF93
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: D860E89D7D4C727FF2F22218EFF38239
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: D14E98A0C10EA161DF537DC68E540573
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: C39F6C5BF18EE1842D54A4A4EE68C9F1
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 5BC9B7490BC9EC835633B988E04CD6EA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=6856144553523383611&gdpr=0&gdpr_consent=
Frame ID: 1326614D0B55195E88768DEA3EE26800
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMTQyZTc5NS01NjNhLTQxODUtODcxMi1iOWI0NWM1YTYyMzA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: C81938ED41E5308038670B596E119DDF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 107356BB90DE5D9D79D9DAF067FAB854
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: D1AE264724DC7B9F3EE949ADCEB3D6DF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVbbd8Co5sEAAAvW.jAAAAAA
Frame ID: ED5511D599DC6ECB747A8824D6D2B2EC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=gumgum&tc=1
Frame ID: FF895D6B25E7FFCDBF1002B70EA92FF4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 57FE326AB864BF2FB6FB0E2CCCE6323C
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=$UID
Frame ID: 4BF02C78AA2A21D81A5B4BE4E309BDE7
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: A480DB352014DD87BCBA6106C3E23190
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Frame ID: 872575E2498CC01BD43E70D4A45905B9
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Frame ID: E3BAAC9A6C5A64951D8349355AB48B6E
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 4040E369162AC554406F53A9AF5CDAE6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: E714CF7DF51D7C3DD92B24A931AB2CCD
Requests: 2 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Frame ID: 8F4C48A6685CCF1A4D7FB27DD3C11BD6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pinturillo 2 - Draw and guess multiplayer online game

Page URL History Show full URLs

http://www.pinturillo2.com/ HTTP 301
https://www.pinturillo2.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

185
Requests

82 %
HTTPS

31 %
IPv6

66
Domains

98
Subdomains

66
IPs

10
Countries

1486 kB
Transfer

4740 kB
Size

72
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/es/app/pinturillo-2-lite/id460939125

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=air.com.pinturillo2.pinturillo2

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Pinturillo2Game

Search URL Search Domain Scan URL

URL: https://www.facebook.com/playpinturillo/

Search URL Search Domain Scan URL

URL: https://twitter.com/share

Search URL Search Domain Scan URL

URL: http://chachiware.com/terms/
Title: Condiciones

Search URL Search Domain Scan URL

URL: http://chachiware.com/privacy/
Title: Política de datos y uso de cookies

Search URL Search Domain Scan URL

URL: https://gametronia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pinturillo2.com/ HTTP 301
https://www.pinturillo2.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://cmp.quantcast.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2

Request Chain 104

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 105

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 110

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=5932565963490263899

Request Chain 111

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=Hq1GrRZHcV-rsNFWQQuvg2-S

Request Chain 113

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700191094822 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=4017676926 HTTP 302
https://sync.1rx.io/usersync/turn/8622163273124898760?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9953c502-0341-404a-9e23-4bbd023606c5-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-9953c502-0341-404a-9e23-4bbd023606c5-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003

Request Chain 114

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5134455422232026881

Request Chain 116

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 118

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-19713a57-91b2-3809-b1db-9b843237ec20

Request Chain 121

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 125

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver

Request Chain 126

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDQ5NDcxNzU5MjU3NDc0MDEwOQ==&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESECfMVmAUCyEwwrsVjs-YvYY&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 127

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cWN0sSM0drBqZnHkczNstiQzJeRqMnjkJjRo003l

Request Chain 128

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1700191094849 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7070617176 HTTP 302
https://sync.1rx.io/usersync/turn/8550105679086970824?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9953c502-0341-404a-9e23-4bbd023606c5-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-9953c502-0341-404a-9e23-4bbd023606c5-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003

Request Chain 129

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5932565963490263899

Request Chain 130

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3142e795-563a-4185-8712-b9b45c5a6230&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3142e795-563a-4185-8712-b9b45c5a6230&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=63d1f966-831a-4c83-937a-f772fe42c83b&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=63d1f966-831a-4c83-937a-f772fe42c83b&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=9c57c2fb-6b95-447a-8574-e96bcc88db1d&ssp=gumgum2&expires=30&user_group=5&bsw_param=63d1f966-831a-4c83-937a-f772fe42c83b

Request Chain 131

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=fcdb2bb6-b59d-40c8-b3fc-d4bea9818254

Request Chain 132

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-062d1056-6a01-577d-63aa-95d056b2ed5e$ip$31.204.152.197

Request Chain 134

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=94e13938-a008-411c-9768-cb53cb8d0568

Request Chain 136

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3142e795-563a-4185-8712-b9b45c5a6230&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_3142e795-563a-4185-8712-b9b45c5a6230&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=p_-AdYc7CyXnJ93dlON7&gdpr=0&us_privacy=1---

Request Chain 137

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=DjYbny8TInYf&ev=1&pid=558355

Request Chain 138

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=4494717592574740109

Request Chain 140

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=6856144553523383611&gdpr=0&gdpr_consent=

Request Chain 144

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZVbbd8Co5sEAAAvW.jAAAAAA

Request Chain 145

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=gumgum&tc=1

Request Chain 146

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 148

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3fb0938ccccb41edbceb320ffb6b769b HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8550105679086970824 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVbbdt0TJJ-lgNYTsbOuBgAAFD8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLAnw8-fqjs6XfKpieUOEA&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVbbdt0TJJ.lgNYTsbOuBgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHeLeDt0aZvyZKTmYSBO0GA&google_cver=1&google_hm=2

Request Chain 153

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=99a960da615d4b10a0c6fb15fe108e6a&expiration=1702783095

Request Chain 154

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&tc=1

Request Chain 155

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4076098395278575480&expiration=1701400695

Request Chain 161

https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=Hq1GrRZHcV-rsNFWQQuvg2-S

Request Chain 164

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=

Request Chain 166

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=32380009-2417-4b77-bf0b-0446e08a419f

Request Chain 167

https://onetag-sys.com/usync/?pubId=OZONEAIP0001&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=$UID

Request Chain 169

https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4a722bc035f9ce6906d5f9e7b355bf8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv29d6_7302265156793199870&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/4a722bc035f9ce6906d5f9e7b355bf8?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-JUJqzeNE2oPY.3hfXyVfmgmlYwq1dmlgGl1MBg4I~A HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1

Request Chain 171

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5932565963490263899

Request Chain 176

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183

Request Chain 180

https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D__ZUID__ HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone

185 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pinturillo2.com/
Redirect Chain

http://www.pinturillo2.com/
https://www.pinturillo2.com/

5 KB
2 KB

245ms
184ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c96e722ab67adda3fac5cfc59323067e01a1b1cc7b13b27262ee3736009df6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8274d3370f996693-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 03:18:12 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIU5yA%2B5nt1cZul2K5VFHAZZOThNI9DdFnqc1qwYbit6L0%2B3%2F3NbmqBa6IIr%2F40qHfTnFJEU3YdbpoAyEveIkoARZJP2FyLHIB%2Bdgsy2m5S5ga2gtlYrJZkeN8nVfSexrgLbm8pl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8274d3360ce206dc-AMS
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Nov 2023 03:18:12 GMT
Location: https://www.pinturillo2.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgl%2FBvlOep4KA%2Fum2HKJkgIvRig0rNYd92wUA7R0wpBbgcpIvaXqOmNUpaRPpXbbJIC0UrdGSkg4bq0gQdWtqKO%2F68kbiJ6J21Tro0E5U6HrhT%2Bk7Gxm2me53DaND51ToAU19fMu"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.pinturillo2.com/w/ 3 KB
1 KB 160ms
158ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/w/style.css
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869033bc075d8d55bd21ad79a0e7973a3f6be24d21c6dbf0bdd83131c3d6f4f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jPyLAP4O%2BnOO88DOhXHxfeAHvzXOe0Tnp1Hg%2BqqlwkTkiN65Xx5wbbhM31ax%2B%2BPOHdyBAXJCIzzEvt446xp%2Fr45sNL63NKNTS9Yv8mw647hTbI10vn1O6Gt%2F7DpDOjfVab66jLn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d33838366693-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 js.js Show response
www.pinturillo2.com/w/ 6 KB
2 KB 173ms
172ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/w/js.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2090fd7a1e65a23aa5daeb05a0ae69dd42cc4c60d407717cc50a031c4b5a1758

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoYkLPQD1Nibh8a%2BQzewQamiJpM7l9htfyR4fqXr5%2FemhtFRXqguVXuLhbFEoA5J0Hgpv%2FoZkh0KXh2U%2FTvDjj9osC3tUoONbywLmaPAXK1wG8Qw0pavBZzvh4qIUHmuIawcD3sQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d338383a6693-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 134ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6337473-3

Requested by

Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ece227bb38a56aef11c77d9909b8a91b25fb895eaf852376d3765191488844c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 03:18:12 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/ 619 KB
192 KB 133ms
50ms Script
application/javascript 2606:4700:20::ac43:47de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b672e9d37859436f859b7fef024c9dc561a9e2dc58ebb89f6ccddfcca132b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342806
x-host: adinplay-2
last-modified: Tue, 07 Nov 2023 09:31:52 GMT
server: cloudflare
etag: W/"654a0408-9acad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGRxS5qX%2FdGLUpV5PJNIlz22zeSJsfnKCYnrMdvPPkn5JoWKWxuVXfZQWV%2FgZC%2Bw29OHbmWBJWxMmOBOx4vzNQTI1%2FBFHgZM9TLlA3t8Np8IO%2FtXNTSCZ9HvydCp%2FfPjyDumZhHt4ZkgqC8f4QM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 8274d339caa0b8c4-AMS

GET
H2 200 poki-sdk.js Show response
game-cdn.poki.com/scripts/v2/ 4 KB
2 KB 106ms
34ms Script
text/javascript 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game-cdn.poki.com/scripts/v2/poki-sdk.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0f51da21a9872344abcbe14d4243a1b7ccb78ef9cdc0afc63684d76cdeb593

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:38:12 GMT
server: cloudflare
x-amz-request-id: AD7V9N11FM4ZXNQ9
age: 387
etag: W/"86595a6796195c7521828fe963bf3b81"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=600, stale-while-revalidate=10800, stale-if-error=86400
cf-ray: 8274d338ab36b8b5-AMS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: y7xprv6jSD2EM2TPPjcS5TjXFlTeSUfNw5gP3AoCn8H/7uLYoZY/b0L67b8E2Xu1vfB9gkX2e/mk/MgrS4JmkA==

GET
H2 200 logotop.png
www.pinturillo2.com/webm/ 11 KB
12 KB 170ms
169ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/webm/logotop.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e445ddc0b5c15f3cd8b3cb7bdc0a8f8c8ca8f0a832f3c91107573dc927ab7143

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3N92HRg2ewJEeo6eZizMSYcc8bGa5Mv1gcxjLK3IUc3bF44oE5HiZBdBoX%2BllIWh%2F3iUG3CaCKYy6b9mVjNRoniqzIAdh%2FBbn2rkvJ%2BmfK9JPMNNIxg5GtKbJL7Rt9sQblrMJgu%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33838376693-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11559
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 gp.png
www.pinturillo2.com/w/img/badges/ 8 KB
8 KB 162ms
162ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/badges/gp.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a3412b3379f41686f2e6bd0d48ef1ac4a79b8ec092aad58dcfb3c6aa25b72d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYfZB8y8YwjjZvao4N4GqhQOVCjKwO1UVtlgXHhB88ewEbxnEGg%2Fn7aIbWqDpKH3QjmsvuERNPbuhq9yDFXxuOQAvyotCXjeImz60We8mb0htOET2RHV4O8uBWUnYPH9ii40BXVc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33838386693-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7742
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 as.png
www.pinturillo2.com/w/img/badges/ 7 KB
7 KB 165ms
163ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/badges/as.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e230519e9e6bd75dce131497e7a0aa2ae9d1136732f66a0ebb6bdff88c8c875

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v6VfwPjZuMkDw5zqqfc9%2FXnAZtakc9PsxQwYMR%2FKY519Qfpk9%2Box8c0ppn7FFX2SFHhYrY81%2FN9z5yaJFFmWvi98VyLnEdJpHdkbEEirrRlYaJMoMG4rfsNLhU%2FhxO1%2B3P20Nk%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d3394c820eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6797
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icoyou.png
www.pinturillo2.com/w/img/footer/ 3 KB
3 KB 166ms
164ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/footer/icoyou.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d09055e38c04120b7763197b4dcfdf4f23877a24f13f9818fc59436384bf381c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT9nqowUf0xfbxbWF%2F5jNd8xx7LNnh1AQjzSmIc6XbmmJouuVclwfzes%2BSwLsVPvdQ5ke2WAKNwUP%2FMbI1gdXP7cma6iogzvgMzf1kEHcOtk659qqtUDi76YuQL3n379YctCdSdX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d3394c850eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3006
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icome.png
www.pinturillo2.com/w/img/footer/ 3 KB
4 KB 190ms
189ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/footer/icome.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4aa3f1a9964a9c3343e0093b7c123e1a88d52e00a253ae84cd912684b65b4d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63vHXTa3rMiZFflj1WJP9RqvfqCCVPWfWppI6ggRWQSOdaE1trNx2hYSCJ6Sr%2BECdr3ukQ66yAN4XHly%2Bul%2BRxt0AwF5jaXiUVLozr2PLmvcidPi8fA3z82aLhXHgUdo7Fa21Nu%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d3394c890eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3154
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icotwi.png
www.pinturillo2.com/w/img/footer/ 3 KB
4 KB 193ms
191ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/img/footer/icotwi.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78164210ecf4b4ea8c4e367a91fc620dfb222ce557c3b8836235a7badfb5c467

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVIyO%2F3y1iD4MS2GEAYiTNayaJuNGOUao9DzIs55mPlnuzQrcNcHvYxoqUoIWUOWW6ehUoVACPQFc%2FsON%2FAA%2BGFYhE%2Fdb3QKkmZFgx1AT%2F0dZpk1ZZF57hE2M%2Ff3i3p2mhU3kyS6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d3394c8b0eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3408
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 ban1.png
www.pinturillo2.com/w/ban/ 11 KB
12 KB 173ms
172ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/w/ban/ban1.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94fe1d55ae21b6732c46db5cabfd70a040af149cadfa1235ff20852bf35966c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOb9EE%2FxMIlwaRA%2FlIU%2FmVU2YXoxE0X0k2mggY%2B4Ri5uB83XmUNoPBkKzWDDvyu9UTRwHjbVbzHw0Tu0cHKuz1RMOjZ6kNf47cNpSgiBqpzUqN9tQg%2FxgxXMJx1ZXAqTILlwGjRN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d3394c8c0eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11360
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 poki-sdk-core-b1d2d1a95aba1833415f8c020d37ce2d3925beb4.js Show response
game-cdn.poki.com/scripts/b1d2d1a95aba1833415f8c020d37ce2d3925beb4/ 184 KB
51 KB 75ms
44ms Script
text/javascript 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://game-cdn.poki.com/scripts/b1d2d1a95aba1833415f8c020d37ce2d3925beb4/poki-sdk-core-b1d2d1a95aba1833415f8c020d37ce2d3925beb4.js
Requested by: Host: game-cdn.poki.com
URL: https://game-cdn.poki.com/scripts/v2/poki-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44eba1cb7fbbfcfaad1e2390bd98c46806114e54cd98086527efdb9109c2d70

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1ZQK3MHR1ZBPT208
age: 141258
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: h3Vy7Jh6rk3FwtNQgqZZOkydwhFW6GrrEKlLOz9zpXYYEOlcpnJHiNxmiDn9iaKJ+phI38FpjXD8AhRaWlDEnQ==
last-modified: Wed, 15 Nov 2023 10:37:55 GMT
server: cloudflare
etag: W/"0431cec49e08f732a63483d478e6fabf"
access-control-max-age: 31557600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=10800, stale-if-error=86400
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-ray: 8274d3397a690bd7-AMS

GET
H3 200 main.js Show response
www.pinturillo2.com/appData/min/js/ 3 KB
2 KB 182ms
181ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/main.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/w/js.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 527dcd7b35313805b08d03c304051f867afb8033ab123e6a575a3d9331a4e9f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbLGvMKR%2FDMYnrAr1IbHgGWkJzRpIq5MaIQVfE2ZpcOPJV7e6AR20OmmwjV6HrAhbwEMh82FV4a3%2FLDJGMpE1XRzAxZMcNurdJMS4P5zHsqX4EmhdGLrBMn8bzbHPWgYSmynLQvz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d3395c920eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/
Redirect Chain

https://cmp.quantcast.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2

4 KB
2 KB

150ms
67ms

Script
application/javascript

2600:9000:214f:1a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Server: 2600:9000:214f:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f4b42dd1e22a1bdd89367dd28885c2458639394318f65939c0b29c142101a60

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 18:40:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
etag: W/"36ceb26611385c1a5bb286a27331727b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: sV1uJ6435A8jfSE0Heo_V1lGDiWR1Jc0X4AOOJjzHajP8NO_KgCl3Q==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
date: Fri, 17 Nov 2023 03:18:14 GMT
via: 1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Tue, 14 Nov 2023 18:40:40 GMT
server: AmazonS3
etag: "6bf240ed80b177f6cf04cbee85b138ae"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/11Vb-uusbgv8t/pinturillo2.com/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: DA4XP20HI1zpg_US33kfN0T9sLlk-lIHirgrTVC2KPg42kL8VLe_Nw==

GET
H3 200 part1.csv Show response
www.pinturillo2.com/appData/data/ 682 B
1 KB 169ms
168ms XHR
text/csv 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/data/part1.csv
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacdd32e52f9e3a25c072439bda2d14baccfe2416dac4e64479516381e64b80d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
last-modified: Thu, 20 Apr 2023 19:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2aa-5f9c9b9f2e7c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fLRx9Is5deKAIQDi3fWAg3HCcRwQvAJOIENNh%2B%2B1HhAJ2W2ATrvzCr2EG7O2VS9ewLL0hgLQe1bCYBjaMXpinEGkBXi3RCVKtae36yzTOT8nmmf%2BYz22bf63K8HtugllIT1Wizu"}],"group":"cf-nel","max_age":604800}
content-type: text/csv
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d33a9de10eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 129 KB
45 KB 115ms
32ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc7b7ca3086c20de446422733e499c41abb21382935d0bf6cb853d61973ce07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 21:56:17 GMT
server: cloudflare
age: 0
etag: W/"e5784b218d08e328293d4744966611a4df64295a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8274d33b5ef9b906-AMS

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 90ms
32ms Fetch
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231117

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4452a656d8e30f51db5e00d47fc827013467f6c77d0eb2de0b086e752ebf9262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40640
x-jsd-version: 1.0.1876
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-ams21052-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-x6r4vBjPDeNqG5LT7S05uqZKQHo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpqgo5NXnhSyhDNZWcx0bBRn%2FSwSQVqcVeEhfKmMjqRqtSb%2Ff0u%2FEZUA2tCY0yh9mH5grI8mgCdSzIhXBKsAi2R43y8utyuZGisPpsMofz6%2FFujynHLV4D0Yw9MeNXqYB6yBeM%2BI%2FqDMYu0397w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8274d33b3b930ead-AMS

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 162ms
53ms Script
application/javascript 52.84.104.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.104.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-104-95.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:07:59 GMT
content-encoding: gzip
via: 1.1 699b505ca4c2135b52633ef9f9cd2ac0.cloudfront.net (CloudFront), 1.1 c95660782748949d053eb3a230829212.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:44 GMT
server: AmazonS3
x-amz-cf-pop: DUB2-C1, BUD50-C1
age: 615
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: j4zlsQki7jzZTmn3H9IZYXbolCk_pUTG9RvdAjsxtAeB-7j83FFSfw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 217ms
88ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68ad0457342d41428ee8301007811c7745be0a4cadd6a41910fea6e189fa7a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30674
x-xss-protection: 0
server: cafe
etag: 301 / 19678 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:18:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 139ms
43ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Fri, 17 Nov 2023 03:18:13 GMT

GET
H2 200 tag Show response
btloader.com/ 71 KB
24 KB 105ms
34ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75970fad9ff1a0e45d29953a8972812c280bab858cb35d139eac7b0c1875434

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 02:30:37 GMT
server: cloudflare
age: 2853
etag: "9a3cda79de2ebde162c3c2bb6884becc"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8274d33b5e5466bd-AMS
content-length: 23844

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
368 B 38ms
37ms Script
application/javascript 2606:4700:20::ac43:47de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267451
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ndNvRiLoBghqq6YaEXp1se7FwC5Eh5B9RIWqv9GHlg%2BO%2FaEA%2BU7Qhufs9crXWVl%2F3m2mIoW34RMeg1fIwNfEBn%2B%2BHgeyyd6gxJNjJ33ZRWc%2BJixnPasHSMHnGru35y4fo%2FU%2FpM97IRigJp4uj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8274d33aeb02b8c4-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
81 KB 57ms
55ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HK2QY2JTE8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6337473-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cad8cf48fbd4a2a4a403ddaf8fcc912935025f72f1073ecb2606a986fb116603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 03:18:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 86ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HK2QY2JTE8&gtm=45je3b81v9117433543&_p=1700191092661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=487016745.1700191093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700191093&sct=1&seg=0&dl=https%3A%2F%2Fwww.pinturillo2.com%2F&dt=Pinturillo%202%20-%20Draw%20and%20guess%20multiplayer%20online%20game&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=984
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HK2QY2JTE8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 easeljs.min.js Show response
code.createjs.com/1.0.0/ 125 KB
35 KB 147ms
39ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/easeljs.min.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 9b895d5dd6bad4309956ebc2100019787940b0391e30432dac7ebc75fd6cc4c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 35817
expires: Fri, 17 Nov 2023 03:33:13 GMT

GET
H2 200 tweenjs.min.js Show response
code.createjs.com/1.0.0/ 26 KB
8 KB 143ms
36ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/tweenjs.min.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: a7fd9431277d14034c3b19696a73dc91a59997673cdbba25adbdcf853550bc15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 8521
expires: Fri, 17 Nov 2023 03:33:13 GMT

GET
H3 200 manage.js Show response
www.pinturillo2.com/appData/min/js/ad/ 570 B
752 B 163ms
161ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/ad/manage.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8edc9843ba3c1265cf8c6091972b665fd5a49c9aeab9c9475300203e7b21de49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r92LcXQKW6dmE0y4XBSpr5wnO6XIr7d4H0kYlexNhT1erp5z5P1sKfemfD5ilsTS1FLgGq1Bcep%2B9F1Vfc6uGSbBKEWhLzflE5H3ap5w7SMNqkSvxSfSbBAO9gGY6IUhmEOPgpN6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d33bded80eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 apk.js Show response
www.pinturillo2.com/appData/min/js/ad/ 1 KB
1 KB 195ms
193ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/ad/apk.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03670b969b98046a686b56bbf289cf501c880ddc360d870e452587c2fcd01af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIogciROyXjhMPrI8cXub53RrMNqX%2FRAzK6l6WjuzHa2%2BogUQ6KfsOf2LqjHgiflEH0h4a0k%2F60x6AGplyCwMV76bpqdxVMzDlnCWn%2FNl9QrzrMlG%2BBoNdtUPdoEowT%2BBhZUVCkT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d33bded90eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 aaip.js Show response
www.pinturillo2.com/appData/min/js/ad/ 3 KB
1 KB 195ms
194ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/ad/aaip.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4833cf6a43e6a5ad628793f1737068c2a225df32cf8834c84e3191c8d5d12d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emle4hFidu0QYZ%2BLoYV75pZpZNWrIViTpVpkJGWvNh1f61OIP0IXWdMxnvMS7MVE8pBqsiIAhHW9WKUTZZrwjHBfhpLeZb8PZmP3Vj7Sb4wdkLZ2%2FnTw4LXGl36njiJJc9GlRWtt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d33bdeda0eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 data.js Show response
www.pinturillo2.com/appData/min/js/ 60 KB
17 KB 196ms
194ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/js/data.js
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be360e5c28eb29c92a2b5ad2c14a0bc60b7a939696531f8e924b7ddd9e95daa1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dDbvvtpX6wkQ%2FT%2B5wezjsllj1VuADYgTzyONuHFWIEf1eu1JX1JttGAAXMSzUUuRdyC84kD3Zo5%2FRAO6Js6wWCTe2i2cWSywnhfYHrmSwxdPXXCxn7%2Fe%2BKyoj%2BD2IRj%2FLQKK1H6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d33bdedd0eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 style.css
www.pinturillo2.com/appData/min/css/ 135 B
590 B 196ms
195ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/min/css/style.css
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75241bb66fff0353a92342d1f4ee366803a5110850f7131c239bdca4e20e5e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMNlwrpGaQW0rusIvMod4C%2FJ4XYf%2FfBkZEWLfzT0i5Fh2BWlYZ9vBQj4SeSN3AVTjaNkd%2B8c30vK4GZ2uZgSxH%2FFk8mWA5%2FRr%2B7ywItO%2FBuVcuxSyD8GyhtrhZ%2B94UkbMe7zx0mC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8274d33bdede0eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icoback.png
www.pinturillo2.com/appData/data/img/ 549 B
1 KB 194ms
193ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/icoback.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8f8ab7f8cff2efc4cabf5f7392f354fbeedc445f6052c089b2e48a6f2311fd

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKTtHMF59PXXYVImj6pGEsmogemVfUSsyFN1cK%2BsODvWIkY2X%2B2H%2B1XqSP8Dls72XdQwitfK1C6YCqa37%2BT8wvnNb0ZcIIzRZQBsUBG8zhyhafiMj7Ptvj886U5DhpjwwxIrD51n"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33bdee40eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 549
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 icoplanet.png
www.pinturillo2.com/appData/data/img/ 1 KB
2 KB 194ms
193ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/icoplanet.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac42067501d04dc982256c9b02e3264f08f6ec98d4239270f0846ad4c04c212

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDJE5PNby3UbSmMss59dgYbIoD7UZ5FybBoYzFl0QjxaIhm1mZYI1AYQUQGfXZ2%2Bac1ZGrExKRp9JNNQ7tsUG6le578%2F%2FG2vaUkXpKunQHDyJ%2BJeKQwPNhCky0N8QQG6TmGqQioN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33bdee60eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1435
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 loader.png
www.pinturillo2.com/appData/data/img/ 9 KB
10 KB 167ms
166ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/loader.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7f783327a4f44f84a12c93bc0d32bceeb800bc96a911dd4295e592eef2ac2f

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBapr9j28Stj%2BTbmaTsnJNqye5%2F9YpwbWM%2ByJgcQlO9BY93vZKqS1QHYx4FFs0URut0kM4xt60t8c7f2scXoW9etBF08SoIMhhVvVZ1OD%2F%2F29aNAG%2Bx6MphaLXqyfB%2Brbyyo%2BnPF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33bdee70eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9482
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 logotop.png
www.pinturillo2.com/appData/data/img/ 11 KB
12 KB 165ms
164ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/logotop.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e445ddc0b5c15f3cd8b3cb7bdc0a8f8c8ca8f0a832f3c91107573dc927ab7143

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldf03r3B1xkf44azq27L7miRCFIyog7tV0a2aQqHFnvB36%2BXqZg0AmTsHygTEbFLyH7KAaCDld%2Fq18japi8PP3b6nBJYdrKeddbZfrTxKawHyWel4o9EvPzAvsI0VZhcqBQSDfAP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33bdee80eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11559
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 logoIntro.png
www.pinturillo2.com/appData/data/img/ 25 KB
25 KB 211ms
210ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pinturillo2.com/appData/data/img/logoIntro.png
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 406448769d3f734b29da1f99563a0757dc7b40f8e1dc6e0dc87f1f07cc8cbb30

Request headers

Referer: https://www.pinturillo2.com/
Origin: https://www.pinturillo2.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ezB3Z%2Fy1YE8%2BZ%2Fv3AgIrHcNvZidduGqlbr7eyjBnCa9e9Xu9DHiFLrNX6HS%2BdjN6z08sCnOjmTN5a%2FGe9s6%2FJt0s1xdrumWzR7MbdvD7800y5cmURBrLWjQ5ik5v4sT%2FeQ9%2F8pK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8274d33bdee90eb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 25485
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 201ms
125ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
350 B 123ms
44ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 677944
x-guploader-uploadid: ABPtcPpK96qzQkVG3Uqpbto9xPhO1G2J6A0obOyJ6yjcdHQxAno3vN1_mbm2V4Dfp9udTI9a8cAouiCsMw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv6%2Ba2Y%2BwN2e6qdL6tsJHIqoWm1cGXU9UDQdzTTmWxE%2BU8HpV%2FSQyWdQxH1u6xE6q2DYsY8LIRsZ%2FXBKRomgodunfCp%2BuqjVx3DWQKlnZXrOHe0QxT%2BOE7d6X5XVFOH%2FUTAs66zy%2Bv18%2B0yQGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8274d33c6b514178-AMS
expires: Thu, 09 Nov 2023 07:38:21 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
570 B 133ms
33ms Image
image/x-icon 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 02:20:51 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
923 B 116ms
38ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4715938100894459
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 677944
x-guploader-uploadid: ABPtcPpK96qzQkVG3Uqpbto9xPhO1G2J6A0obOyJ6yjcdHQxAno3vN1_mbm2V4Dfp9udTI9a8cAouiCsMw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCcFWALT6nmyXu2YGOZIoITuNfTthUFGfV3TOvunYUyN3N%2BxM2vNgoFm9WpMTQrxzB0%2BB%2FZqykrZmZwzpowE9kQ%2F6kHol6bJD7nLLxKVzb2dBWvo%2FOp%2BQmoUwc0jtomqxwtpWHDqJR3Z4Wg2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8274d33c6b504178-AMS
expires: Thu, 09 Nov 2023 07:38:21 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 112ms
112ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 220ms
115ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pinturillo2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 17 Nov 2023 03:18:13 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 53b902f9-cf9c-4605-aec3-2c8ce65042b8 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 120ms
35ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5793ae2fff25300ee13907746b024508a87ab90cfc9acbba42079ae9fbf4fcb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:54:28 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1425
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: K1K1kxTOpchXYtxyr8XiGR4Ai14TU8ER-UmaewWy7kr0db2zkz74xg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 163ms
162ms XHR
text/plain 52.84.104.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pinturillo2.com&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.104.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-104-95.bud50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:12 GMT
via: 1.1 c95660782748949d053eb3a230829212.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: BUD50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.pinturillo2.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 4bTz_7LJHe-QLmo7ysYVcfB400U8zFe-iym5Alik75C5iNaTiN_4AA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 154ms
49ms XHR
application/javascript 52.84.104.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.104.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-104-95.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:37:10 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 a26540cbff437874d38da8924a9a8922.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
age: 63664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: RgbtcFhi7gvqYPW2nlKgFd-h7Zl9L5vWxLBXbrx_9QzH6ZLacQUP0Q==

GET ppub_config
securepubads.g.doubleclick.net/pagead/ 0
0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52761
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 12:38:52 GMT

GET
H2 200 @sdk Show response
devs-api.poki.com/gameinfo/ 206 B
545 B 134ms
55ms Fetch
application/json 2606:4700::6811:9425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://devs-api.poki.com/gameinfo/@sdk?href=https%3A%2F%2Fwww.pinturillo2.com%2F&referrer=

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9425 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c3b5670a01f6506988a281dce6afe452f48831f72c60671e40e147b0098fde1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 02:32:33 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=10800, stale-if-error=10800
vary: Accept-Encoding
cf-ray: 8274d33dafc41b06-AMS
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding

GET
H2 200 / Show response
geo.poki.io/ 32 B
216 B 129ms
34ms Fetch
application/json 2606:4700::6812:da0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.poki.io/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194346de2123e8dc6ac7b9f63a35b2e31a87d3028a6a34fd11550d9d15d37b6b

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=3600
cf-ray: 8274d33dc8500a5c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H3 200 settings Show response
api.poki.com/ads/ 43 KB
17 KB 56ms
51ms Fetch
application/json 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.poki.com/ads/settings
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c2606c430ae68530fdbc2da88ae96df3482c73b52ca6627f5b23e662fd27e6

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 02:25:52 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3360, stale-while-revalidate=10800, stale-if-error=10800
vary: Accept-Encoding
cf-ray: 8274d33e0dcb0bd7-AMS
access-control-allow-headers: authorization, origin, content-type, accept
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 settings
api.poki.com/ads/ Frame 0
0 126ms
49ms Preflight 2606:4700::6811:9325
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.poki.com/ads/settings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.pinturillo2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: authorization, origin, content-type, accept
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8274d33dad5a0b3c-AMS
content-length: 0
date: Fri, 17 Nov 2023 03:18:13 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 131ms
129ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H3 200 en.csv Show response
www.pinturillo2.com/appData/data/lang/ 1 KB
2 KB 66ms
65ms XHR
text/csv 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pinturillo2.com/appData/data/lang/en.csv
Requested by: Host: www.pinturillo2.com
URL: https://www.pinturillo2.com/appData/min/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b73f0e80b55094b02ae34777b94b16fc26d77d9dcea6ab616b7cbd4a868d45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
cf-cache-status: BYPASS
last-modified: Sun, 16 Apr 2023 12:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b8-5f9737049e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEZjKqLFCvvthdZMUaKCK7g1E5q5k8ZKhhBGEi3ktVYby1TemelcWYMX3W%2B13bHoeiL1Hi3udedfbuQGNLbPYhSDuRi82PeVqysqdRRt37SioTwaPTFoMgWf30kecBls4tcP6kSX"}],"group":"cf-nel","max_age":604800}
content-type: text/csv
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d33d3fd70eb1-AMS
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 127ms
127ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=ZNv6SNta0&w=5114397264969728&o=5130683165442048&cv=2.1.23-7-g7ca04d5&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.pinturillo2.com%2F&sid=HNVkv6FEP&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:18:13 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 827 B
420 B 239ms
105ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.pinturillo2.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fe45c434f04909e90dc3c351e58b1919b96ead10aeb5ae1ee45001d69d13c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 395
x-xss-protection: 0
expires: Fri, 17 Nov 2023 03:18:13 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
41 KB 38ms
38ms Script
text/javascript 2600:9000:214f:1a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b86985bf02aee42f2742312bdc87c4b2bdef1eaec68c2c53dbf4719f199cb094

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:53:25 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 20 Sep 2023 19:17:26 GMT
server: AmazonS3
etag: W/"724779e7f0734a63d3f1c1d429f852ca"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: 4mjbg2faq8hztLT3jghZR621jiqD1dQ1vwoDEksMZRrwLGei87_-Ng==

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 129ms
35ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 03:18:13 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 06 Nov 2023 14:13:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 176877
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqTKLyDRFU%2BgMPk%2FYMddLWpyVQBJ23e%2BtBLEvrKFhsNFMnNWf4fK3cldWs51QZGFpP0kiOQUgwnnLKnC9JgAyXfbvE5BEvgV8iVAFD1c61kj9JUJ0nwXSQUnoADowJRbIWOVMdVhczT0aA35"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8274d33eebf4b897-AMS

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 128ms
38ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
400 B 118ms
39ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d33eec24b766-AMS
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
6 KB 321ms
240ms Fetch
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0baa9e6aace46cc79b0aba61e8364dfda8224d4aeb00cee6edec1dec525815b1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
an-x-request-uuid: 03a172c7-131b-4e4a-9706-7d44c605b6c7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.197; 31.204.152.197; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 393 B
589 B 140ms
42ms Fetch
application/json 52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10452
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 098c23bb06159d925ad941fbbe315322c3d511f899dfdbff6fb912aa5b1b95b0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 101ms
25ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.pinturillo2.com
date: Fri, 17 Nov 2023 03:18:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 371 B
899 B 174ms
82ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,PNT,1,,,&rf=https%3A%2F%2Fwww.pinturillo2.com%2F&kw=guess%2Cdraw%2Cgame%2Cgames%2Cwebgame%2Chtml5%2Cfun%2Cflash%2Cmultiplayer&tg_i.domain=pinturillo2.com&tg_i.page=https%3A%2F%2Fwww.pinturillo2.com%2F&tg_i.pbadslot=%2F421469808%2C13904209%2Fpinturillo2.com_300x250&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=1212a3252fb72f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C13904209%2Fpinturillo2.com_300x250&slots=1&rand=0.2508066561835218
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 487df0f6d0857c2d520125bc82c1fa8776abe85d00bb2164e60f6baf1684bf3d

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 371
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 13 KB
6 KB 308ms
238ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00c4511c6556486b58c3ba278a21a64d6910fc4ff4b3dfdc5b4dd9b101a1356

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d33ef9e86698-AMS
expires: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
433 B 159ms
44ms Fetch
application/json 52.19.132.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.132.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-132-136.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 69ffddbc8edf0fc8f98b52209eea1847736512c1560d25e59542b73d26609b1d

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.pinturillo2.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
432 B 151ms
46ms Fetch
application/json 52.19.132.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.132.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-132-136.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: c7e4d66394d7b67753ff6b55ca803a4c72affc388bce44e802671d604d67f7dc

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.pinturillo2.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 132ms
74ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 152ms
107ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d33eec27b766-AMS
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
722 B 153ms
88ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,PNT,1,,,&rf=https%3A%2F%2Fwww.pinturillo2.com%2F&kw=guess%2Cdraw%2Cgame%2Cgames%2Cwebgame%2Chtml5%2Cfun%2Cflash%2Cmultiplayer&tg_i.domain=pinturillo2.com&tg_i.page=https%3A%2F%2Fwww.pinturillo2.com%2F&tg_i.pbadslot=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_2&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=2400e3db4993c3c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_2&slots=1&rand=0.5702313307262301
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a5aab9ba96f6cd58800a38023a870c735e599f6afe975618af5f04c77966ce63

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
968 B 154ms
111ms Fetch
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

025e1ec1c607a7206e6bd7e99558e017848731e3a1f40196bb37200cc2b6d389

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
an-x-request-uuid: ec1b3f83-e39b-4d73-b4d1-68478b4bd393
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.197; 31.204.152.197; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 14 KB
7 KB 256ms
215ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c084880ad61d4b68f2270d0191f45d0894fd6aceb5afae41a057aa16cad08197

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d33ef9ea6698-AMS
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 373 B
723 B 145ms
90ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&rp_schain=1.0,1!adinplay.com,PNT,1,,,&rf=https%3A%2F%2Fwww.pinturillo2.com%2F&kw=guess%2Cdraw%2Cgame%2Cgames%2Cwebgame%2Chtml5%2Cfun%2Cflash%2Cmultiplayer&tg_i.domain=pinturillo2.com&tg_i.page=https%3A%2F%2Fwww.pinturillo2.com%2F&tg_i.pbadslot=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_3&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=309916c023d6de7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C13904209%2Fpinturillo2.com_300x250_3&slots=1&rand=0.7665549840562722
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 52efa7dafc6cea05703ba66e8ba5f63c65705069f7599889f07dce191349fe88

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 373
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
6 KB 190ms
167ms Fetch
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

f774fc4e6faa37b6dda357117cf9de7d337b4166fffe664e658ff92795e1a5e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
an-x-request-uuid: 2451969b-d736-4b55-8b01-321e18b0633c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.197; 31.204.152.197; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
416 B 65ms
37ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
432 B 118ms
45ms Fetch
application/json 52.19.132.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.19.132.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-132-136.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 9073f38a3808d11e23bc99e0af7cfe52ad557efcb8df04269d7f2e824e0b5e22

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.pinturillo2.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
139 B 62ms
47ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d33eec25b766-AMS
expires: 0

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 13 KB
6 KB 292ms
271ms Fetch
application/json 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/PNT/pinturillo2.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fb25ac829a5bf773fc05c271d552aaa325f3e0f9da9f8546a8d25b229e28d3f

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d33ef9e96698-AMS
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 139ms
59ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 03:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 89
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 05:16:44 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 211ms
107ms XHR
text/javascript 52.84.105.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pinturillo2.com%2F&pid=NnVhT6QjN7u41&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22pinturillo2-com_300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F421469808%2C13904209%2Fpinturillo2.com_300x250%22%7D%5D&schain=1.0%2C1!adinplay.com%2CPNT%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.105.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-105-94.bud50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cc83cc27259d9c51b700240a5e4b94bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: BUD50-C1
x-amz-rid: C4V8HMS4CGER3GYADVVA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pinturillo2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XMme3NnQ8MqtWZ0ElFQ_NN_USVDe_XyV5ydHFHAeqPfWUyOfZynhRA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 58 B
500 B 206ms
106ms XHR
text/javascript 52.84.105.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pinturillo2.com%2F&pid=NnVhT6QjN7u41&cb=1&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22pinturillo2-com_300x250_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F421469808%2C13904209%2Fpinturillo2.com_300x250_2%22%7D%5D&schain=1.0%2C1!adinplay.com%2CPNT%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.105.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-105-94.bud50.r.cloudfront.net

Software

Server /

Resource Hash

f98581c88197b6c95b16ba2e2349ce2204c79d779355568b41d711c756989c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cc83cc27259d9c51b700240a5e4b94bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: BUD50-C1
x-amz-rid: BJ2RB3HF4JQJ5ARYK44B
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pinturillo2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 58
x-amz-cf-id: KRdChYpXKLxtu55kD7aXVYM8QPkQaN4isjL2FdkQYNz81_obwxouTA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 200ms
107ms XHR
text/javascript 52.84.105.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pinturillo2.com%2F&pid=NnVhT6QjN7u41&cb=2&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22pinturillo2-com_300x250_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F421469808%2C13904209%2Fpinturillo2.com_300x250_3%22%7D%5D&schain=1.0%2C1!adinplay.com%2CPNT%2C1%2C%2C%2C&pubid=53b902f9-cf9c-4605-aec3-2c8ce65042b8&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.105.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-105-94.bud50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cc83cc27259d9c51b700240a5e4b94bc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: BUD50-C1
x-amz-rid: 6Q6EXR6GRJTRR6RQYSZN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pinturillo2.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oJyrtf4GpoQf6_I7Jr-KFdhKlGrFBPxeGLRIjkmZ7ax-ZBrF1RJ6RA==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 11 KB
3 KB 110ms
37ms XHR
application/json 2600:9000:214f:1a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d681ff49044fea63b4518505a673fcb8922c75e7b02b0eda08ae72fbefab9fe

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:00:44 GMT
content-encoding: br
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 03:00:42 GMT
server: AmazonS3
etag: W/"becf0e9051a0a86735f985c99f59ddcb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: HCPvhcvPJo9Ry56hHfYtR9tq4WnoPhRMipntDdwjt4bhNfC7GToznA==

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 129 KB
45 KB 45ms
32ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1abd5403982231efc54fd0cb6aba4a39ff9551bfb076fd4fdd768a212db35598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 21:56:17 GMT
server: cloudflare
age: 0
etag: W/"e5784b218d08e328293d4744966611a4df64295a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8274d33fa986b906-AMS

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 77 KB
24 KB 102ms
41ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 03:18:13 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 758497
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Nov 2023 14:13:08 GMT
Server: cloudflare
ETag: W/"ccc354615ffb5b4afd96268bab4a6502"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQFFwfgq9Co%2FybxFxAWRkeeM1xx7lHeD%2FLKlLbeuGPuCp%2BjJUdWDVDSSlv7Y6EY7gb%2BAn5UwOMNia9K196NsdUMcwehPjWoo6K%2FGoOpgfzeJ9srLO%2BOYkgI3kiJPXjzh%2BPp0jJOA%2BXQEuDsd"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8274d33ffb22664a-AMS

OPTIONS
H3 204 1a
i.clean.gg/ Frame 0
0 118ms
118ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pinturillo2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 17 Nov 2023 03:18:13 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 114ms
113ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 03:18:13 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/50/ 279 KB
68 KB 38ms
37ms Script
text/javascript 2600:9000:214f:1a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6d5e774e27939f467f63355919f38e104d4565f951560c907ab628ccba0ff1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:53 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 47660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 20 Sep 2023 19:17:23 GMT
server: AmazonS3
etag: W/"5f4d1ed7d0555c967385aab25dd9d5b7"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: 5opaXH6xgHGMe6wuwKrembnmyRsy_xR3CYPPFJ9qy5oEnElEOrUeGg==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 542 KB
60 KB 43ms
39ms XHR
application/json 2600:9000:214f:1a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2021ccebbf2ea48b61d0ad8c658698653625b4aebacc075816b038c3c5abc586

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.pinturillo2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:59:24 GMT
content-encoding: br
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 11930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 16 Nov 2023 23:59:19 GMT
server: AmazonS3
etag: W/"dd0acbdf5c71ad9c1d2c31c7df2c19ce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: r5jsT_xwRsyVcbzJrRKJu16wCw-SQ8U6LtEm2ZPlPONLSVfBejpMVg==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 141 KB
33 KB 84ms
83ms XHR
application/json 2600:9000:214f:1a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=pinturillo2.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aa212492deb3d88b8a55d8c4c7cced86e815d5ffab77f96252db8bb4a1dd997

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:00:26 GMT
content-encoding: br
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1068
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 03:00:24 GMT
server: AmazonS3
etag: W/"37c2778822e4ec73a8a31ed41abe36ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: OZNmDvzH6R6RdlZSHQSN_cdwVgt-JqLjqA9Fnlbx_Zw22RkSuODHkQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 66ms
66ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=255654867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pinturillo2.com%2F&ul=en-us&de=UTF-8&dt=Pinturillo%202%20-%20Draw%20and%20guess%20multiplayer%20online%20game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1615518644&gjid=596920985&cid=487016745.1700191093&tid=UA-6337473-3&_gid=998202299.1700191094&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&jsscut=1&z=990172356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pinturillo2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 128ms
33ms XHR
text/plain 35.157.44.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%2211Vb-uusbgv8t%22%2C%22domain%22%3A%22www.pinturillo2.com%22%2C%22publisher%22%3A%22Pinturillo%202%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22d7qjw%2FaceLFfPb30y68%2BFQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1700191093939%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-zusu9b0luy7yrff8f0j6%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.44.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-44-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pinturillo2.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:18:14 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame EC1E 9 KB
4 KB 601ms
46ms Document
text/html 52.84.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-106-43.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 73702
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 06:49:52 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 9d638ed0e686bb5bd14bf9c73c1b0134.cloudfront.net (CloudFront)
x-amz-cf-id: yLhg-nH0uI0nG77EcYlG25CcQKp0TEPDZKKUxWjOh_WWCPh46bCgQQ==
x-amz-cf-pop: BUD50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame B3C7 0
0 38ms
38ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1700191093682

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 13BD 281 B
555 B 578ms
32ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Nov 2023 03:18:14 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame ADCA 16 KB
6 KB 577ms
36ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=108117
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 17 Nov 2023 03:18:14 GMT
expires: Sat, 18 Nov 2023 09:20:11 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FE7F 52 KB
17 KB 561ms
26ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 67240
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 17 Nov 2023 03:18:14 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 08 Nov 2023 05:49:52 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 907, 424768
X-Served-By: cache-lga13626-LGA, cache-ams21072-AMS
X-Timer: S1700191095.575658,VS0,VE0

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 0CBF 12 KB
5 KB 61ms
61ms Document
text/html 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22aa041f4954f01508b14ab40d0b513a2d84e954ea1267dbc631084f7993fd88

Request headers

Referer: https://www.pinturillo2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8274d341cb2b6698-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 03:18:14 GMT
expires: 0
last-modified: Thu, 16 Nov 2023 13:24:28 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 0CBF 20 KB
7 KB 120ms
55ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8274d3457bfc66f2-AMS

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 0CBF 7 KB
2 KB 60ms
59ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19567c897e34669ab62bcd0a9589d85ac2d98d4cfa2320ec97c3fa28c3287c95

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8274d3454cdc6698-AMS
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 13BD 46 KB
13 KB 35ms
34ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 03:18:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 12:56:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34700
Connection: keep-alive
Content-Length: 13230
Expires: Fri, 17 Nov 2023 12:56:34 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame E7F6 3 KB
1 KB 147ms
41ms Document
text/html 3.248.115.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.115.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-115-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 913c7278640bf617b873f665585b060e3f9ee55f961be72a355b5b79530b3462

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 17 Nov 2023 03:18:14 GMT
etag: W/"013d3411f983932a28bcc1686d247da12"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame A000 0
0 36ms
35ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 27E4 657 B
907 B 124ms
36ms Document
text/html 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: bc8a0ca78b11b89ee4258efdec64fc1f304ef761d284f3f3d5dcf956563394c1

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 657
content-type: text/html
date: Fri, 17 Nov 2023 03:18:13 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9125
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
787 B

123ms
59ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009f8d2a88011d475750d469489597aa1c39b3bc72be0688fcd34a5f2dd3ddbc

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8274d3472cca0a7b-AMS
content-encoding: br
content-type: text/html
date: Fri, 17 Nov 2023 03:18:14 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oq3WgGKMy3gtJ4CTUZk1We7OboqZ0F3JMHTLaJ%2BRCuavAu4kmhPJhBesAA5s2wMM%2BTpjiVQH8wAliIAnXle6BhUq3emlo4nJGZk1dCbl2L4vTXGV%2B0DIPWrP9X81YsNGuH4KjIcrs5NZEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8274d3466c560a7b-AMS
content-length: 0
date: Fri, 17 Nov 2023 03:18:14 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9f8T2x2SAzC4xPX5Z6t0ZlQJU2gZPihLmmORJ63dL77lyWsV1L7UsSW%2FKMKOHy46NdmHKqGsokrRbDcmHZj1oq8brLFVFLpoDZwVKHj5dNt14EP2DcPSu4neBdAGjy%2B7YCzf7iMzelKHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 078B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
555 B

51ms
50ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Nov 2023 03:18:14 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 17 Nov 2023 03:18:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D860 16 KB
6 KB 33ms
28ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=108117
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 17 Nov 2023 03:18:14 GMT
expires: Sat, 18 Nov 2023 09:20:11 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame D14E 0
525 B 320ms
136ms Document
text/html 2600:9000:223f:3200:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 03:18:14 GMT
server: istio-envoy
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-id: jVp53MtMsKJytITyAnv0cg9htetC6YEYYtL47MaexxFV4hUOVhweew==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 3
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame C39F 0
160 B 103ms
27ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Fri, 17 Nov 2023 03:18:14 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 5BC9 0
370 B 393ms
119ms Document
text/html 34.236.62.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.236.62.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-62-13.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 03:18:15 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=5932565963490263899

0
345 B

42ms
42ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=5932565963490263899
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:14 GMT
an-x-request-uuid: 8c1b714c-0328-468e-8912-d78486e94970
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=5932565963490263899
x-proxy-origin: 31.204.152.197; 31.204.152.197; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=Hq1GrRZHcV-rsNFWQQuvg2-S

0
350 B

48ms
47ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=Hq1GrRZHcV-rsNFWQQuvg2-S
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=Hq1GrRZHcV-rsNFWQQuvg2-S
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame EC1E 0
277 B 102ms
28ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Nov 2023 03:18:14 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700191094822
https://ad.turn.com/r/cs?pid=45&rndcb=4017676926
https://sync.1rx.io/usersync/turn/8622163273124898760?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-9953c502-0341-404a-9e23-4bbd023606c5-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-9953c502-0341-404a-9e23-4bbd023606c5-003
https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003

0
361 B

42ms
41ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003
date: Fri, 17 Nov 2023 03:18:15 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9953c5020341404a9e234bbd023606c5003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5134455422232026881

0
344 B

53ms
53ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5134455422232026881
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5134455422232026881
Date: Fri, 17 Nov 2023 03:18:14 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame EC1E 0
411 B 721ms
169ms Image
text/plain 72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-2-5-44
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

56ms
55ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Fri, 17 Nov 2023 03:18:14 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame EC1E 0
15 B 114ms
37ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-19713a57-91b2-3809-b1db-9b843237ec20

0
359 B

59ms
40ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-19713a57-91b2-3809-b1db-9b843237ec20
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-19713a57-91b2-3809-b1db-9b843237ec20
pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame EC1E 0
125 B 111ms
35ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame EC1E 0
35 B 134ms
41ms Image
text/plain 3.65.142.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.142.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-142-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame EC1E
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

54ms
54ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 17 Nov 2023 03:18:15 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Fri, 17 Nov 2023 03:18:15 GMT

GET
H2 204 pbsync
ads.yieldmo.com/ Frame 0CBF 0
35 B 207ms
44ms Image
text/plain 52.215.12.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.12.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-12-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame ADCA 0
42 B 151ms
33ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28730647&p=156857&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 27E4 0
344 B 54ms
53ms Image
image/avif 52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=4494717592574740109&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET

getuid
ads.avct.cloud/ Frame 27E4
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver

0
0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 27E4
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDQ5NDcxNzU5MjU3NDc0MDEwOQ==&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESECfMVmAUCyEwwrsVjs-YvYY&gdpr=0&gdpr_consent=&google_cver=1

43 B
416 B

52ms
52ms

Image
image/gif

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESECfMVmAUCyEwwrsVjs-YvYY&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Nov 2023 03:18:14 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESECfMVmAUCyEwwrsVjs-YvYY&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 27E4
Redirect Chain

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cWN0sSM0drBqZnHkczNstiQzJeRqMnjkJjRo003l

43 B
163 B

132ms
43ms

Image
image/gif

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cWN0sSM0drBqZnHkczNstiQzJeRqMnjkJjRo003l
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cWN0sSM0drBqZnHkczNstiQzJeRqMnjkJjRo003l
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 27E4
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1700191094849
https://ad.turn.com/r/cs?pid=45&rndcb=7070617176
https://sync.1rx.io/usersync/turn/8550105679086970824?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-9953c502-0341-404a-9e23-4bbd023606c5-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-9953c502-0341-404a-9e23-4bbd023606c5-003
https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003

0
361 B

42ms
40ms

Image
image/avif

52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-9953c502-0341-404a-9e23-4bbd023606c5-003
date: Fri, 17 Nov 2023 03:18:15 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9953c5020341404a9e234bbd023606c5003
content-type: text/html

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5932565963490263899

35 B
250 B

276ms
45ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5932565963490263899
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:14 GMT
an-x-request-uuid: 3fef372e-9562-45ec-bc4f-146fd056322e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=5932565963490263899
x-proxy-origin: 31.204.152.197; 31.204.152.197; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame E7F6
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3142e795-563a-4185-8712-b9b45c5a6230&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3142e795-563a-4185-8712-b9b45c5a6230&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=63d1f966-831a-4c83-937a-f772fe42c83b&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=63d1f966-831a-4c83-937a-f772fe42c83b&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=9c57c2fb-6b95-447a-8574-e96bcc88db1d&ssp=gumgum2&expires=30&user_group=5&bsw_param=63d1f966-831a-4c83-937a-f772fe42c83b

43 B
145 B

33ms
32ms

Image
image/gif

3.126.125.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=4&user_id=9c57c2fb-6b95-447a-8574-e96bcc88db1d&ssp=gumgum2&expires=30&user_group=5&bsw_param=63d1f966-831a-4c83-937a-f772fe42c83b
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 3.126.125.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-125-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=4&user_id=9c57c2fb-6b95-447a-8574-e96bcc88db1d&ssp=gumgum2&expires=30&user_group=5&bsw_param=63d1f966-831a-4c83-937a-f772fe42c83b
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=fcdb2bb6-b59d-40c8-b3fc-d4bea9818254

35 B
250 B

53ms
52ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=fcdb2bb6-b59d-40c8-b3fc-d4bea9818254
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 17 Nov 2023 03:18:15 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=fcdb2bb6-b59d-40c8-b3fc-d4bea9818254
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-062d1056-6a01-577d-63aa-95d056b2ed5e$ip$31.204.152.197

35 B
250 B

54ms
53ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-062d1056-6a01-577d-63aa-95d056b2ed5e$ip$31.204.152.197
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-062d1056-6a01-577d-63aa-95d056b2ed5e$ip$31.204.152.197
Date: Fri, 17 Nov 2023 03:18:15 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame E7F6 43 B
426 B 216ms
53ms Image
image/gif 2a05:d018:d29:3602:b34:3da1:cf11:a756
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:b34:3da1:cf11:a756 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=94e13938-a008-411c-9768-cb53cb8d0568

35 B
250 B

43ms
43ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=94e13938-a008-411c-9768-cb53cb8d0568
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=94e13938-a008-411c-9768-cb53cb8d0568
Date: Fri, 17 Nov 2023 03:18:15 GMT
Connection: keep-alive
X-CI-RTID: 54835208-3703-4426-9afe-d99e888578d3
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame E7F6 0
44 B 464ms
128ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3142e795-563a-4185-8712-b9b45c5a6230&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_3142e795-563a-4185-8712-b9b45c5a6230&s=2&us_privacy=...
https://usersync.gumgum.com/usersync?b=zem&i=p_-AdYc7CyXnJ93dlON7&gdpr=0&us_privacy=1---

35 B
250 B

43ms
43ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=p_-AdYc7CyXnJ93dlON7&gdpr=0&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=p_-AdYc7CyXnJ93dlON7&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=DjYbny8TInYf&ev=1&pid=558355

35 B
250 B

182ms
45ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=DjYbny8TInYf&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: nl-NL
location: https://usersync.gumgum.com/usersync?b=pln&i=DjYbny8TInYf&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b57df6cd5-7gjgb
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame E7F6
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=4494717592574740109

35 B
250 B

277ms
46ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=4494717592574740109
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:15 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=4494717592574740109
date: Fri, 17 Nov 2023 03:18:14 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame E7F6 0
358 B 95ms
41ms Image
image/avif 52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_3142e795-563a-4185-8712-b9b45c5a6230
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:14 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1326
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=6856144553523383611&gdpr=0&gdpr_consent=

35 B
208 B

70ms
53ms

Document
image/gif

3.248.115.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=6856144553523383611&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.115.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-115-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Fri, 17 Nov 2023 03:18:15 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 17 Nov 2023 03:18:15 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=6856144553523383611&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame C819 170 B
409 B 398ms
68ms Document
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMTQyZTc5NS01NjNhLTQxODUtODcxMi1iOWI0NWM1YTYyMzA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:18:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1073 16 KB
6 KB 82ms
34ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=108117
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 17 Nov 2023 03:18:14 GMT
expires: Sat, 18 Nov 2023 09:20:11 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame D1AE 70 B
149 B 191ms
43ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 17 Nov 2023 03:18:15 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame ED55
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZVbbd8Co5sEAAAvW.jAAAAAA

35 B
250 B

42ms
42ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZVbbd8Co5sEAAAvW.jAAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 17 Nov 2023 03:18:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 17 Nov 2023 03:18:15 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZVbbd8Co5sEAAAvW.jAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40172.dc2p.scaleout.jp
X-SO-IP: 31.204.152.197
X-SO-Key: ZVbbd8Co5sEAAAvW.jAAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZVbbd8Co5sEAAAvW.jAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40172"}
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40172

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame FF89
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=gumgum&tc=1

35 B
250 B

70ms
52ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 17 Nov 2023 03:18:15 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 17 Nov 2023 03:18:15 GMT Fri, 17 Nov 2023 03:18:15 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 57FE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

80ms
42ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Nov 2023 03:18:15 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 17 Nov 2023 03:18:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 078B 46 KB
13 KB 43ms
43ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 03:18:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 12:56:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34700
Connection: keep-alive
Content-Length: 13230
Expires: Fri, 17 Nov 2023 12:56:34 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 9125
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3fb0938ccccb41edbceb320ffb6b769b
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8550105679086970824
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

70 B
148 B

55ms
55ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date: Fri, 17 Nov 2023 03:18:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 9125
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVbbdt0TJJ-lgNYTsbOuBgAAFD8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLAnw8-fqjs6XfKpieUOEA&google_cver=1

43 B
765 B

63ms
63ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLAnw8-fqjs6XfKpieUOEA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEtrXyVXiaOSqUsOuZLA8DtcCLn9WNSIfCxAuADOpRAN7hMtK5WH%2FfGCiduKNxsmoAGP1W%2Fb7Rg9LusYPwko9yeI0Am4tZ6AGvt08v33uYUMmGznjbRvlrhCYycxOIJtAiYVshPl21r9hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274d3496cce0e88-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLAnw8-fqjs6XfKpieUOEA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9125 70 B
148 B 58ms
54ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9125
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVbbdt0TJJ.lgNYTsbOuBgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHeLeDt0aZvyZKTmYSBO0GA&google_cver=1&google_hm=2

43 B
733 B

49ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHeLeDt0aZvyZKTmYSBO0GA&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIlysLfCLwlfTvy6gSh5nqpN6YpPo9mB4tUJ25960L8V0sV7oeuXiMg0JKRYxgA4lQcKbCKGAS9cJ6DM3rrB%2FB2oJIlUaXkyE7IIfqDxN%2F4RXwZMvg%2FvwaupflMFozyXGZ6Tz1ZXJL7hXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274d349ed560e88-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHeLeDt0aZvyZKTmYSBO0GA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 9125 0
35 B 513ms
109ms Image
text/plain 34.196.172.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.172.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-172-118.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 9125
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=99a960da615d4b10a0c6fb15fe108e6a&expiration=1702783095

43 B
332 B

48ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=99a960da615d4b10a0c6fb15fe108e6a&expiration=1702783095
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grrpkPa%2B8DnMeICUuQwbEEW0ZlZv0PwS8JdL6Dq%2FtStk9bU%2BhOaYmy9ZJ54c6%2BiS%2FZzcG9OzF1VLO627a8OrNMPAaQgBEcLCDxwB14CWsWZchO1%2FAhbEmaECCNjRibEnj%2FWagT7lGUuR1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274d3493e820a7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=99a960da615d4b10a0c6fb15fe108e6a&expiration=1702783095
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 9125
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&tc=1

43 B
336 B

54ms
54ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w3EKbcEbTBbMOX4COuJbxdC0J0Fh8derjlPdIhs%2BlQ4jMvDNu2KiWlBTDd8JZMw9YawW%2FPCpQndACKdZzohadlB6Irwy688hBRmk3hjtfnq1yQ%2FTI6xvI01dfAO591xbtX6L1vzaJjnsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274d3490e5d0a7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=fIR73G59ZkqzTOvG-Q7XxkWX6l7PZepfjwVbpFYh6xc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183&tc=1
pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT, Fri, 17 Nov 2023 03:18:15 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 9125
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4076098395278575480&expiration=1701400695

43 B
334 B

50ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4076098395278575480&expiration=1701400695
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F%2FuJLIbMQz675bQ3FVoMp8%2F2Arxn48NZZ%2BafyhsriSOjNhZwu1T%2BEfOFvINZB5d%2FirwRaoPnfr%2BgMWoqH%2BoGzWibQvCyAOkkHmrG2eEXCQqHwQNkJCsiDxii%2FOg38smUmne147328uBHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274d3493e800a7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4076098395278575480&expiration=1701400695
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 9125 0
356 B 55ms
52ms Image
image/avif 52.212.105.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZVbbdt0TJJ-lgNYTsbOuBgAAFD8AAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 0CBF 43 B
375 B 276ms
44ms Image
image/gif 18.184.81.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.81.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-81-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
x-accel-expires: 0
vary: Origin
x-rejected: consent
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 57FE 46 KB
13 KB 142ms
45ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 03:18:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 12:56:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34699
Connection: keep-alive
Content-Length: 13230
Expires: Fri, 17 Nov 2023 12:56:34 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0CBF 70 B
148 B 64ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 13BD 7 B
380 B 167ms
33ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0CBF
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=Hq1GrRZHcV-rsNFWQQuvg2-S

0
684 B

56ms
56ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=Hq1GrRZHcV-rsNFWQQuvg2-S
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d34a9f9e6698-AMS
content-length: 0
expires: 0

Redirect headers

Date: Fri, 17 Nov 2023 03:18:15 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=Hq1GrRZHcV-rsNFWQQuvg2-S
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0CBF 0
239 B 150ms
32ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 078B 7 B
380 B 41ms
40ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0CBF
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_pri...
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=

0
436 B

68ms
67ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d34d58f76698-AMS
content-length: 0
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
date: Fri, 17 Nov 2023 03:17:59 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 57FE 7 B
380 B 39ms
38ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0CBF
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=32380009-2417-4b77-bf0b-0446e08a419f

0
791 B

55ms
55ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=32380009-2417-4b77-bf0b-0446e08a419f
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d34ea9a96698-AMS
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:16 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=32380009-2417-4b77-bf0b-0446e08a419f
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121

GET
H2

200

setuid Show response
elb.the-ozone-project.com/ Frame 4BF0
Redirect Chain

https://onetag-sys.com/usync/?pubId=OZONEAIP0001&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26ui...
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=$UID

0
910 B

61ms
61ms

Document
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=$UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8274d34f69fa6698-AMS
content-length: 0
date: Fri, 17 Nov 2023 03:18:16 GMT
expires: 0
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
content-length: 0
location: https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=$UID
strict-transport-security: max-age=15552000

GET
H/1.1 200 pbs-user-sync Show response
ads.stickyadstv.com/ Frame A480 322 B
752 B 128ms
26ms Document
text/html 2607:ae80:4::26
FREEWHEEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Date: Fri, 17 Nov 2023 03:18:16 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
x-sticky-vk: 1700191096269012-547

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8725
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?pbs=true
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4a722bc035f9ce6906d5f9e7b355bf8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv29d6_7302265156793199870&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/stickyads/4a722bc035f9ce6906d5f9e7b355bf8?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-JUJqzeNE2oPY.3hfXyVfmgmlYwq1dmlgGl1MBg4I~A
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1

70 B
148 B

46ms
46ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Requested by: Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.stickyadstv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 17 Nov 2023 03:18:16 GMT
server: Kestrel

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Fri, 17 Nov 2023 03:18:16 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Pragma: no-cache
Server: nginx
x-sticky-vk: 1700191096756018-530

GET
H2 200 setuid Show response
elb.the-ozone-project.com/ Frame E3BA 0
448 B 74ms
73ms Document
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by: Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.stickyadstv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8274d350eabd6698-AMS
content-length: 0
date: Fri, 17 Nov 2023 03:18:16 GMT
expires: 0
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0CBF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5932565963490263899

0
954 B

58ms
57ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5932565963490263899
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d3544c6f6698-AMS
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:16 GMT
an-x-request-uuid: ae136ce1-3d16-4dab-a3a0-bd8717b6f779
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=5932565963490263899
x-proxy-origin: 31.204.152.197; 31.204.152.197; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 4040 168 B
230 B 31ms
31ms Document
text/html 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 82061fcc41a634c304f33448c3767877ad4989cc744a315587901a24a69fd868

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 03:18:16 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 setuid
elb.the-ozone-project.com/ Frame 4040 0
439 B 59ms
57ms Image
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=amx&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d3550cc36698-AMS
content-length: 0
expires: 0

GET
H2 200 n1.js Show response
assets.a-mo.net/js/ Frame 4040 4 KB
2 KB 116ms
33ms Script
text/javascript 2606:4700::6813:9e13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/n1.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&s=pbs&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dcb45c7869520cc2de9bf68a57fb50261d6ed32c40e8bf8291aec6d95714c04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:17 GMT
via: 1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: AMS50-C1
age: 120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 20:46:45 GMT
server: cloudflare
etag: W/"37e940ca81d635689b6a172b168374de"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 8274d3558f896624-AMS
x-amz-cf-id: uNINckIw5DnZCqIvFge3ANsSEjI_Vt8iyACju4cQLx66Qdprqq7OWA==
expires: Fri, 17 Nov 2023 04:18:17 GMT

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 0CBF 0
34 B 32ms
31ms Image
text/plain 3.65.142.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.142.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-142-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:17 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0CBF
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183

0
1 KB

57ms
57ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d3566d926698-AMS
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ha66C6WcHn%2BgBzIGT7z4Ct9nyVkU6FrmfU3CVb%2BrE6pLdUqlxuyKAvNo%2FNm24%2FCu%2BlkmESMbji1lA33YU9imvfqrU7Xd80zUUMbtpvNKuNNkUL1NweomvqNtWOpbo1t%2FghGMLDEy"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZVbbdt0TJJ.lgNYTsbOuBgAA%265183
cache-control: no-cache
cf-ray: 8274d3561ec20a7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 server_match
ad2.360yield.com/ Frame 0CBF 43 B
199 B 194ms
45ms Image
image/gif 54.195.237.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.195.237.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-237-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:18:17 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame 0CBF 0
104 B 152ms
50ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:17 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E714 16 KB
6 KB 35ms
34ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=108114
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 17 Nov 2023 03:18:17 GMT
expires: Sat, 18 Nov 2023 09:20:11 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 0CBF
Redirect Chain

https://b1h-euc1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D0%26gdpr_consent%3D%26us_priv...
https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone

0
477 B

62ms
59ms

Image
text/plain

104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Server: 104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:18:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8274d35a5fd26698-AMS
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:18:17 GMT
Content-Type: text/html; charset=utf-8
Location: https://elb.the-ozone-project.com/setuid?bidder=outbrain&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=&gdpr=0&us_privacy=pbs-ozone
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 178
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E714 0
39 B 35ms
30ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35001710&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:18:17 GMT
content-length: 0

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame 8F4C 0
0 91ms
25ms Document
text/plain 46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

date: Fri, 17 Nov 2023 03:18:18 GMT

POST
H2 204 rum Show response
elb.the-ozone-project.com/cdn-cgi/ Frame 0CBF 0
189 B 277ms
246ms XHR
text/plain 104.18.43.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elb.the-ozone-project.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1700191093838&bidder=ozone
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 Nov 2023 03:18:18 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://elb.the-ozone-project.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8274d35c78ef6698-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.pinturillo2.com%2F

Domain: ads.avct.cloud
URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 16:59:43	Name: _li_ss Value: Cg8KBgjSARDCFgoFCAoQwhY
.script.ac/	1970-01-20 16:16:32	Name: __cf_bm Value: pkpN9nesjkxvldQHUCfu8D0F7EDRjK3wu_tGrM7qJ5k-1700191093-0-AQFuU2qW6WMxxV/OSA0zA6SomBCHMKC9DJw30OMgFtpcyq4AaTJRNUxYT/V8txHJRy1xLVyeu32LVHmk6zG18a0=
.pinturillo2.com/	1970-01-21 01:52:31	Name: _ga_HK2QY2JTE8 Value: GS1.1.1700191093.1.0.1700191093.0.0.0
.rubiconproject.com/	1970-01-21 01:02:07	Name: khaos Value: LP21VNU7-I-1FVB
.rubiconproject.com/	1970-01-21 01:02:07	Name: audit Value: 1\|yQuirGeEF6DYxwR66gd/yufhqFI7AU9Uad321cYfjPLLO0Tu12xHwjg1yzjYkq7zE5gfrFwbdMo1vkRsRGN5OvPzJ6cr+j5/FThqR8+WGPjEyVNLdBbxACKPLRELhl3x0A+VO7RH1E0=
.adnxs.com/	1970-01-20 18:26:07	Name: icu Value: ChgIzYVEEAoYASABKAEw9bbbqgY4AUABSAEQ9bbbqgYYAA..
.pinturillo2.com/	1970-01-21 01:52:31	Name: _ga Value: GA1.2.487016745.1700191093
.pinturillo2.com/	1970-01-20 16:17:57	Name: _gid Value: GA1.2.998202299.1700191094
.pinturillo2.com/	1970-01-20 16:16:31	Name: _gat_gtag_UA_6337473_3 Value: 1
.adnxs.com/	1970-01-20 18:26:07	Name: uuid2 Value: 5932565963490263899
.the-ozone-project.com/	1970-01-20 16:16:32	Name: __cf_bm Value: YuzZJoqwxDQ0kVFvofJxF7mptFg8974Q5CCMnCUz1vE-1700191093-0-AUtVZZttfF/aUXORnsrl2D4DkMVH6zO9Zp5CX7A8jk7J0HpF+i/E5JHQ2S1uoSvV6n5VpwSPf6Z6ozJ7XvK1IZM=
.the-ozone-project.com/	1970-01-20 18:26:07	Name: ozone_uid Value: 2YHmtf7JS9IKl48fl4amhmW19Gt
.servenobid.com/	1970-01-20 16:26:35	Name: pid_312 Value: 5932565963490263899
.smartadserver.com/	1970-01-21 01:46:45	Name: pid Value: 4494717592574740109
.casalemedia.com/	1970-01-21 01:02:07	Name: CMID Value: ZVbbdt0TJJ.lgNYTsbOuBgAA
.casalemedia.com/	1970-01-20 18:26:07	Name: CMPS Value: 5183
.casalemedia.com/	1970-01-20 18:26:07	Name: CMPRO Value: 5183
.gumgum.com/	1970-01-21 01:02:07	Name: vst Value: e_3142e795-563a-4185-8712-b9b45c5a6230
.lijit.com/	1970-01-21 01:02:07	Name: ljt_reader Value: Hq1GrRZHcV-rsNFWQQuvg2-S
.servenobid.com/	1970-01-20 16:26:35	Name: pid_317 Value: 4494717592574740109
.lijit.com/	1970-01-21 01:02:07	Name: _ljtrtb_273657 Value: 273657
.rfihub.com/	1970-01-21 01:38:07	Name: eud Value: H4sIAAAAAAAA_zslzmtobmBgaGloYGliaWgCAOmFWE4QAAAA
.rfihub.com/	1970-01-21 01:38:07	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjIyNjIwMrOwMBTiM9RNjbc0SUqLMin2c3EBAFDU7VElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjIyNjIwMrOwMBTiM9RNjbc0SUqLMin2c3EBAFDU7VElAAAA
.servenobid.com/	1970-01-20 16:26:35	Name: pid_309 Value: e_3142e795-563a-4185-8712-b9b45c5a6230
.servenobid.com/	1970-01-20 16:26:35	Name: pid_310 Value: Hq1GrRZHcV-rsNFWQQuvg2-S
.servenobid.com/	1970-01-20 16:26:35	Name: pid_324 Value: 5134455422232026881
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 79cc6f011f637677
.bidswitch.net/	1970-01-21 01:02:07	Name: c Value: 1700191095
.bidswitch.net/	1970-01-21 01:02:07	Name: tuuid_lu Value: 1700191095
.bidswitch.net/	1970-01-21 01:02:07	Name: tuuid Value: 63d1f966-831a-4c83-937a-f772fe42c83b
.openx.net/	1970-01-21 01:02:07	Name: i Value: d84ab09f-340f-4769-8e51-0cbb05f6b0ef\|1700191095
.quantserve.com/	1970-01-20 18:26:07	Name: d Value: EHwBDQG5Koir0QA
.quantserve.com/	1970-01-21 01:46:45	Name: mc Value: 6556db77-00c4e-1cedc-d9cab
.creativecdn.com/	1970-01-21 01:02:07	Name: u Value: LA3t86gT3uYM8tGCTpt6
.creativecdn.com/	1970-01-21 01:02:07	Name: g Value: LA3t86gT3uYM8tGCTpt6_1700191095028
.creativecdn.com/	1970-01-21 01:02:07	Name: ts Value: 1700191095
.adform.net/	1970-01-20 16:59:43	Name: C Value: 1
.servenobid.com/	1970-01-20 16:26:35	Name: pid_333 Value: ZVbbdt0TJJ-lgNYTsbOuBgAAFD8AAAAB
.disqus.com/	1970-01-21 01:02:07	Name: zeta-ssp-user-id Value: ua-19713a57-91b2-3809-b1db-9b843237ec20
.adform.net/	1970-01-20 17:42:55	Name: uid Value: 6856144553523383611
.turn.com/	1970-01-20 20:35:43	Name: uid Value: 8550105679086970824
.ctnsnet.com/	1970-01-21 01:02:07	Name: cid_99a960da615d4b10a0c6fb15fe108e6a Value: 1
.servenobid.com/	1970-01-20 16:26:35	Name: pid_346 Value: ua-19713a57-91b2-3809-b1db-9b843237ec20
.1rx.io/	1970-01-21 01:02:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9953c502-0341-404a-9e23-4bbd023606c5-003%22%7D
.doubleclick.net/	1970-01-21 01:38:07	Name: IDE Value: AHWqTUlmuDd7DtKsIsvlfCEOoCQ7mlV0hVga7u_WnuBGuaxyIsTa84ZAypC6kh9AQbg
.kargo.com/	1970-01-21 01:02:07	Name: ktcid Value: 5abf824c-c047-00b4-57cb-327b05908237
.smartadserver.com/	1970-01-21 01:03:33	Name: csync Value: 76:CAESECfMVmAUCyEwwrsVjs-YvYY
.servenobid.com/	1970-01-20 16:26:35	Name: pid_353 Value: 0000EEA
.zemanta.com/	1970-01-21 01:02:07	Name: zuid Value: p_-AdYc7CyXnJ93dlON7
.targeting.unrulymedia.com/	1970-01-21 01:02:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9953c502-0341-404a-9e23-4bbd023606c5-003%22%7D
.ipredictive.com/	1970-01-21 01:02:07	Name: cu Value: 94e13938-a008-411c-9768-cb53cb8d0568\|1700191095322
sync.srv.stackadapt.com/	1970-01-21 01:02:07	Name: sa-user-id Value: s%3A0-062d1056-6a01-577d-63aa-95d056b2ed5e.SN1F6iL46xlUt78lm9nlcDqU6powgcgUABz8UNM2lDI
.srv.stackadapt.com/	1970-01-21 01:02:07	Name: sa-user-id Value: s%3A0-062d1056-6a01-577d-63aa-95d056b2ed5e.SN1F6iL46xlUt78lm9nlcDqU6powgcgUABz8UNM2lDI
sync.srv.stackadapt.com/	1970-01-21 01:02:07	Name: sa-user-id-v2 Value: s%3ABi0QVmoBV31jqpXQVrLtXh_MmMU.eptqVvgqEKr7kfXo%2Bql4%2FyUzw6AjRRbcmfmL6sZQcVE
.srv.stackadapt.com/	1970-01-21 01:02:07	Name: sa-user-id-v2 Value: s%3ABi0QVmoBV31jqpXQVrLtXh_MmMU.eptqVvgqEKr7kfXo%2Bql4%2FyUzw6AjRRbcmfmL6sZQcVE
sync.srv.stackadapt.com/	1970-01-21 01:02:07	Name: sa-user-id-v3 Value: s%3AAQAKIDTcedeo0-HtNLvNGQVP3_WREfgwvUL9OGGJYnbA8r1PEHwYBCD3ttuqBjABOgRyABfNQgTMmHGz.6Ym9htte0cfOPcplTGhll8Gt%2FiZ%2Bowzyopqy6yAOL7E
.srv.stackadapt.com/	1970-01-21 01:02:07	Name: sa-user-id-v3 Value: s%3AAQAKIDTcedeo0-HtNLvNGQVP3_WREfgwvUL9OGGJYnbA8r1PEHwYBCD3ttuqBjABOgRyABfNQgTMmHGz.6Ym9htte0cfOPcplTGhll8Gt%2FiZ%2Bowzyopqy6yAOL7E
.servenobid.com/	1970-01-20 16:26:35	Name: pid_321 Value: RX-9953c502-0341-404a-9e23-4bbd023606c5-003
.creative-serving.com/	1970-01-21 01:38:07	Name: tuuid Value: 9c57c2fb-6b95-447a-8574-e96bcc88db1d
.creative-serving.com/	1970-01-21 01:38:07	Name: c Value: 1700191095
.creative-serving.com/	1970-01-21 01:38:07	Name: tuuid_lu Value: 1700191095
.liadm.com/	1970-01-21 01:52:31	Name: lidid Value: 3fb0938c-cccb-41ed-bceb-320ffb6b769b
.richaudience.com/	1970-01-20 16:59:43	Name: pdid Value: 836f0097-24b9-407a-bb70-1zz1700191079
.ads.stickyadstv.com/	1970-01-20 16:59:43	Name: UID Value: 4a722bc035f9ce6906d5f9e7b355bf8
.fwmrm.net/	1970-01-20 20:35:43	Name: _uid Value: umv29d6_7302265156793199870
.ads.stickyadstv.com/	1970-01-20 17:42:55	Name: uid-bp-36033 Value: umv29d6_7302265156793199870
.ads.stickyadstv.com/	1970-01-20 17:42:55	Name: MRM_UID Value: umv29d6_7302265156793199870
.yahoo.com/	1970-01-21 01:02:28	Name: A3 Value: d=AQABBHjbVmUCEKAnPmvgMd2ZqzJJqBzeZv4FEgEBAQEsWGVgZQAAAAAA_eMAAA&S=AQAAAqd5zmoMUPcT_DU7O1JHZg8
.ads.stickyadstv.com/	1970-01-20 16:59:43	Name: uid-bp-717 Value: y-JUJqzeNE2oPY.3hfXyVfmgmlYwq1dmlgGl1MBg4I~A
.the-ozone-project.com/	1970-01-20 18:26:07	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI1OTMyNTY1OTYzNDkwMjYzODk5IiwiZXhwaXJlcyI6IjIwMjMtMTItMDFUMDM6MTg6MTcuMDI3Mjg3MTE2WiJ9LCJpeCI6eyJ1aWQiOiJaVmJiZHQwVEpKLmxnTllUc2JPdUJnQUFcdTAwMjY1MTgzIiwiZXhwaXJlcyI6IjIwMjMtMTItMDFUMDM6MTg6MTcuMzYxMjc1MDA1WiJ9LCJvbmV0YWciOnsidWlkIjoiJFVJRCIsImV4cGlyZXMiOiIyMDIzLTEyLTAxVDAzOjE4OjE2LjI0OTkxNTczOVoifSwib3BlbngiOnsidWlkIjoiMzIzODAwMDktMjQxNy00Yjc3LWJmMGItMDQ0NmUwOGE0MTlmIiwiZXhwaXJlcyI6IjIwMjMtMTItMDFUMDM6MTg6MTYuMTIzMzc0ODU4WiJ9LCJzb3ZybiI6eyJ1aWQiOiJIcTFHclJaSGNWLXJzTkZXUVF1dmcyLVMiLCJleHBpcmVzIjoiMjAyMy0xMi0wMVQwMzoxODoxNS40Nzc4NDQ5MloifX0sImJkYXkiOiIyMDIzLTExLTE3VDAzOjE4OjE1LjQ3Nzg0MjQ1WiJ9
.ads.pubmatic.com/	1970-01-20 16:17:57	Name: KCCH Value: YES

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.pinturillo2.com/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.pinturillo2.com%2F' from origin 'https://www.pinturillo2.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.pinturillo2.com%2F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad2.360yield.com
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
api.adinplay.com
api.btloader.com
api.cmp.inmobi.com
api.poki.com
assets.a-mo.net
b1h-euc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cdn.jsdelivr.net
ce.lijit.com
cm.ctnsnet.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cms.quantserve.com
code.createjs.com
config.aps.amazon-adsystem.com
crb.kargo.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
d.turn.com
devs-api.poki.com
dsum-sec.casalemedia.com
elb.the-ozone-project.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
game-cdn.poki.com
geo.poki.io
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
i.liadm.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
public.servenobid.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
token.rubiconproject.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
usersync.gumgum.com
www.google-analytics.com
www.googletagmanager.com
www.pinturillo2.com
x.bidswitch.net
ads.avct.cloud
securepubads.g.doubleclick.net
104.18.36.155
104.18.43.178
130.211.23.194
142.250.184.226
142.250.185.166
147.75.84.158
151.101.1.108
162.55.233.29
169.197.150.8
18.184.81.67
184.30.16.195
184.30.24.22
185.184.8.90
185.64.189.112
185.64.190.78
185.86.138.150
185.86.138.154
185.89.210.90
188.114.97.3
193.0.160.130
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
211.120.53.206
213.227.153.221
216.52.2.16
216.52.2.48
23.56.202.187
2600:9000:214f:1a00:1b:cadc:ef40:93a1
2600:9000:223f:3200:1f:4c18:bd40:93a1
2600:9000:2644:4a00:9:46dc:4700:93a1
2602:803:c003:200::41
2606:4700:10::ac43:293c
2606:4700:20::681a:346
2606:4700:20::681a:8a9
2606:4700:20::ac43:47de
2606:4700:4400::ac40:994e
2606:4700::6810:3865
2606:4700::6810:5614
2606:4700::6811:9325
2606:4700::6811:9425
2606:4700::6812:1791
2606:4700::6812:da0f
2606:4700::6813:9e13
2607:ae80:4::26
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::2008
2a00:1450:4001:830::200a
2a02:26f0:3500:11::215:14cb
2a02:fa8:8806:21::1720
2a05:d018:d29:3602:b34:3da1:cf11:a756
3.123.51.12
3.126.125.13
3.248.115.153
3.65.142.57
3.69.181.164
3.75.62.37
34.196.172.118
34.236.62.13
34.247.233.198
34.95.69.49
34.98.64.218
35.157.44.143
35.186.193.173
35.186.253.211
37.157.2.229
44.205.140.116
46.228.174.117
51.89.9.251
52.19.132.136
52.212.105.38
52.215.12.164
52.223.40.198
52.84.104.95
52.84.105.94
52.84.106.43
54.144.102.175
54.146.124.189
54.195.237.102
54.87.176.184
69.173.144.139
70.42.32.127
72.34.250.75
77.245.57.72
95.101.149.233
99.86.4.39
009f8d2a88011d475750d469489597aa1c39b3bc72be0688fcd34a5f2dd3ddbc
025e1ec1c607a7206e6bd7e99558e017848731e3a1f40196bb37200cc2b6d389
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
098c23bb06159d925ad941fbbe315322c3d511f899dfdbff6fb912aa5b1b95b0
0aa212492deb3d88b8a55d8c4c7cced86e815d5ffab77f96252db8bb4a1dd997
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baa9e6aace46cc79b0aba61e8364dfda8224d4aeb00cee6edec1dec525815b1
10c96e722ab67adda3fac5cfc59323067e01a1b1cc7b13b27262ee3736009df6
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001
194346de2123e8dc6ac7b9f63a35b2e31a87d3028a6a34fd11550d9d15d37b6b
19567c897e34669ab62bcd0a9589d85ac2d98d4cfa2320ec97c3fa28c3287c95
1abd5403982231efc54fd0cb6aba4a39ff9551bfb076fd4fdd768a212db35598
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fb25ac829a5bf773fc05c271d552aaa325f3e0f9da9f8546a8d25b229e28d3f
2021ccebbf2ea48b61d0ad8c658698653625b4aebacc075816b038c3c5abc586
2090fd7a1e65a23aa5daeb05a0ae69dd42cc4c60d407717cc50a031c4b5a1758
22aa041f4954f01508b14ab40d0b513a2d84e954ea1267dbc631084f7993fd88
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fe45c434f04909e90dc3c351e58b1919b96ead10aeb5ae1ee45001d69d13c2a
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d681ff49044fea63b4518505a673fcb8922c75e7b02b0eda08ae72fbefab9fe
3e230519e9e6bd75dce131497e7a0aa2ae9d1136732f66a0ebb6bdff88c8c875
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406448769d3f734b29da1f99563a0757dc7b40f8e1dc6e0dc87f1f07cc8cbb30
4452a656d8e30f51db5e00d47fc827013467f6c77d0eb2de0b086e752ebf9262
44b73f0e80b55094b02ae34777b94b16fc26d77d9dcea6ab616b7cbd4a868d45
4833cf6a43e6a5ad628793f1737068c2a225df32cf8834c84e3191c8d5d12d48
487df0f6d0857c2d520125bc82c1fa8776abe85d00bb2164e60f6baf1684bf3d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4c3b5670a01f6506988a281dce6afe452f48831f72c60671e40e147b0098fde1
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4dcb45c7869520cc2de9bf68a57fb50261d6ed32c40e8bf8291aec6d95714c04
527dcd7b35313805b08d03c304051f867afb8033ab123e6a575a3d9331a4e9f4
52efa7dafc6cea05703ba66e8ba5f63c65705069f7599889f07dce191349fe88
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5793ae2fff25300ee13907746b024508a87ab90cfc9acbba42079ae9fbf4fcb0
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68ad0457342d41428ee8301007811c7745be0a4cadd6a41910fea6e189fa7a04
69ffddbc8edf0fc8f98b52209eea1847736512c1560d25e59542b73d26609b1d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78164210ecf4b4ea8c4e367a91fc620dfb222ce557c3b8836235a7badfb5c467
7f4b42dd1e22a1bdd89367dd28885c2458639394318f65939c0b29c142101a60
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82061fcc41a634c304f33448c3767877ad4989cc744a315587901a24a69fd868
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
869033bc075d8d55bd21ad79a0e7973a3f6be24d21c6dbf0bdd83131c3d6f4f8
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8edc9843ba3c1265cf8c6091972b665fd5a49c9aeab9c9475300203e7b21de49
9073f38a3808d11e23bc99e0af7cfe52ad557efcb8df04269d7f2e824e0b5e22
913c7278640bf617b873f665585b060e3f9ee55f961be72a355b5b79530b3462
92b672e9d37859436f859b7fef024c9dc561a9e2dc58ebb89f6ccddfcca132b4
94fe1d55ae21b6732c46db5cabfd70a040af149cadfa1235ff20852bf35966c6
9b895d5dd6bad4309956ebc2100019787940b0391e30432dac7ebc75fd6cc4c1
9f0f51da21a9872344abcbe14d4243a1b7ccb78ef9cdc0afc63684d76cdeb593
a44eba1cb7fbbfcfaad1e2390bd98c46806114e54cd98086527efdb9109c2d70
a5aab9ba96f6cd58800a38023a870c735e599f6afe975618af5f04c77966ce63
a7fd9431277d14034c3b19696a73dc91a59997673cdbba25adbdcf853550bc15
aacdd32e52f9e3a25c072439bda2d14baccfe2416dac4e64479516381e64b80d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b75241bb66fff0353a92342d1f4ee366803a5110850f7131c239bdca4e20e5e7
b86985bf02aee42f2742312bdc87c4b2bdef1eaec68c2c53dbf4719f199cb094
bc8a0ca78b11b89ee4258efdec64fc1f304ef761d284f3f3d5dcf956563394c1
be360e5c28eb29c92a2b5ad2c14a0bc60b7a939696531f8e924b7ddd9e95daa1
c084880ad61d4b68f2270d0191f45d0894fd6aceb5afae41a057aa16cad08197
c7e4d66394d7b67753ff6b55ca803a4c72affc388bce44e802671d604d67f7dc
cad8cf48fbd4a2a4a403ddaf8fcc912935025f72f1073ecb2606a986fb116603
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03670b969b98046a686b56bbf289cf501c880ddc360d870e452587c2fcd01af
d09055e38c04120b7763197b4dcfdf4f23877a24f13f9818fc59436384bf381c
d1a3412b3379f41686f2e6bd0d48ef1ac4a79b8ec092aad58dcfb3c6aa25b72d
d6d5e774e27939f467f63355919f38e104d4565f951560c907ab628ccba0ff1e
d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da8f8ab7f8cff2efc4cabf5f7392f354fbeedc445f6052c089b2e48a6f2311fd
dac42067501d04dc982256c9b02e3264f08f6ec98d4239270f0846ad4c04c212
dc7f783327a4f44f84a12c93bc0d32bceeb800bc96a911dd4295e592eef2ac2f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00c4511c6556486b58c3ba278a21a64d6910fc4ff4b3dfdc5b4dd9b101a1356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445ddc0b5c15f3cd8b3cb7bdc0a8f8c8ca8f0a832f3c91107573dc927ab7143
ece227bb38a56aef11c77d9909b8a91b25fb895eaf852376d3765191488844c0
f4aa3f1a9964a9c3343e0093b7c123e1a88d52e00a253ae84cd912684b65b4d6
f75970fad9ff1a0e45d29953a8972812c280bab858cb35d139eac7b0c1875434
f774fc4e6faa37b6dda357117cf9de7d337b4166fffe664e658ff92795e1a5e1
f98581c88197b6c95b16ba2e2349ce2204c79d779355568b41d711c756989c84
f9c2606c430ae68530fdbc2da88ae96df3482c73b52ca6627f5b23e662fd27e6
fbc7b7ca3086c20de446422733e499c41abb21382935d0bf6cb853d61973ce07

www.pinturillo2.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

185 Requests

82 %HTTPS

31 %IPv6

66 Domains

98 Subdomains

66 IPs

10 Countries

1486 kBTransfer

4740 kBSize

72 Cookies

8 Outgoing links

Page URL History

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pinturillo2.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

82 %
HTTPS

31 %
IPv6

66
Domains

98
Subdomains

66
IPs

10
Countries

1486 kB
Transfer

4740 kB
Size

72
Cookies

185 HTTP transactions
0 data transactions