URL: https://www.picuki.com/
Submission: On March 22 via manual from DE — Scanned from DE

Summary

This website contacted 81 IPs in 13 countries across 80 domains to perform 392 HTTP transactions. The main IP is 172.67.68.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.picuki.com. The Cisco Umbrella rank of the primary domain is 249562.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2023. Valid for: a year.
This is the only time www.picuki.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 172.67.68.160 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 104.75.88.126 16625 (AKAMAI-AS)
1 88.221.169.143 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
7 18.66.147.50 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 162.19.138.118 16276 (OVH)
3 178.250.0.157 44788 (ASN-CRITE...)
5 104.26.8.178 13335 (CLOUDFLAR...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 213.19.147.42 3356 (LEVEL3)
7 51.89.9.252 16276 (OVH)
11 52.29.153.89 16509 (AMAZON-02)
6 18.194.70.95 16509 (AMAZON-02)
4 185.184.8.90 204995 (RTB-HOUSE...)
4 185.106.140.18 7979 (SERVERS-COM)
4 2a02:2638::24 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
11 185.86.139.59 201081 (SMARTADSE...)
4 147.75.85.234 54825 (PACKET)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
4 159.89.25.223 14061 (DIGITALOC...)
4 13.32.99.84 16509 (AMAZON-02)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
12 23.54.114.218 16625 (AKAMAI-AS)
3 185.64.190.89 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
3 10 185.64.190.78 62713 (AS-PUBMATIC)
13 13 172.217.16.194 15169 (GOOGLE)
1 23.45.237.121 16625 (AKAMAI-AS)
1 5 37.157.6.254 198622 (ADFORM)
12 13.248.245.213 16509 (AMAZON-02)
2 2 103.229.206.241 30419 (MEDIAMATH...)
40 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.184 1299 (TWELVE99 ...)
3 4 35.204.158.49 396982 (GOOGLE-CL...)
5 5 37.157.3.30 198622 (ADFORM)
3 178.63.45.45 24940 (HETZNER-AS)
17 37.157.6.236 198622 (ADFORM)
1 142.250.184.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 142.250.184.226 15169 (GOOGLE)
1 1 8.2.110.113 46636 (NATCOWEB)
5 135.125.163.79 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2003:8:10:2:0... 3320 (DTAG Inte...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 216.52.2.6 32475 (SINGLEHOP...)
7 35.241.34.106 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
7 185.64.190.81 62713 (AS-PUBMATIC)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 54.239.33.159 16509 (AMAZON-02)
2 15.197.193.217 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.75.62.37 16509 (AMAZON-02)
5 5 3.68.12.190 16509 (AMAZON-02)
2 35.156.59.19 16509 (AMAZON-02)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 185.89.210.82 29990 (ASN-APPNEX)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 18.215.132.94 14618 (AMAZON-AES)
2 2 35.210.53.219 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.243 21859 (ZEN-ECN)
15 15 52.48.182.47 16509 (AMAZON-02)
3 3 185.86.138.154 201081 (SMARTADSE...)
3 3 198.148.27.140 19189 (PULSEPOINT)
6 6 151.101.130.49 54113 (FASTLY)
3 72.251.245.179 32475 (SINGLEHOP...)
3 3 52.220.229.2 16509 (AMAZON-02)
3 3 35.214.223.115 15169 (GOOGLE)
3 195.5.165.20 44968 (IPROM-AS)
3 6 2606:4700::68... 13335 (CLOUDFLAR...)
10 11 213.19.147.44 3356 (LEVEL3)
6 6 2001:678:cb4:... 56396 (AMOBEE)
3 35.186.193.173 15169 (GOOGLE)
3 157.90.40.26 24940 (HETZNER-AS)
3 3 141.95.171.139 16276 (OVH)
6 6 141.94.171.216 16276 (OVH)
3 6 54.170.171.194 16509 (AMAZON-02)
6 6 34.111.129.221 396982 (GOOGLE-CL...)
3 34.111.131.239 396982 (GOOGLE-CL...)
9 12 34.225.32.133 14618 (AMAZON-AES)
3 3 34.102.253.54 396982 (GOOGLE-CL...)
3 3 185.89.210.20 29990 (ASN-APPNEX)
3 3 164.92.213.94 14061 (DIGITALOC...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 396982 (GOOGLE-CL...)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 1 51.222.80.231 16276 (OVH)
392 81
Apex Domain
Subdomains
Transfer
77 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 472
ads.pubmatic.com — Cisco Umbrella Rank: 475
st.pubmatic.com — Cisco Umbrella Rank: 1024
image6.pubmatic.com — Cisco Umbrella Rank: 731
simage2.pubmatic.com — Cisco Umbrella Rank: 670
image2.pubmatic.com — Cisco Umbrella Rank: 858
simage4.pubmatic.com — Cisco Umbrella Rank: 1165
image4.pubmatic.com — Cisco Umbrella Rank: 942
aud.pubmatic.com — Cisco Umbrella Rank: 5696
192 KB
42 picuki.com
www.picuki.com — Cisco Umbrella Rank: 249562
cdn1.picuki.com — Cisco Umbrella Rank: 198248
536 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
ad.doubleclick.net — Cisco Umbrella Rank: 166
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
217 KB
30 googlesyndication.com
254b5bdb058f039551152afc776be7c6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
175 KB
27 adform.net
cm.adform.net — Cisco Umbrella Rank: 1238
track.adform.net — Cisco Umbrella Rank: 3766
c1.adform.net — Cisco Umbrella Rank: 549
s1.adform.net — Cisco Umbrella Rank: 8122
dmp.adform.net — Cisco Umbrella Rank: 2938
169 KB
22 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 512
ib.3lift.com — Cisco Umbrella Rank: 1355
eb2.3lift.com — Cisco Umbrella Rank: 352
82 KB
15 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 526
7 KB
14 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1613
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 588
8 KB
13 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1991
mp.4dex.io — Cisco Umbrella Rank: 2215
c.4dex.io — Cisco Umbrella Rank: 6711
27 KB
12 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1897
8 KB
12 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1438
sync.1rx.io — Cisco Umbrella Rank: 520
5 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 392
mug.criteo.com — Cisco Umbrella Rank: 2797
bidder.criteo.com — Cisco Umbrella Rank: 764
dis.criteo.com — Cisco Umbrella Rank: 686
10 KB
11 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 977
2 KB
9 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22306
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27026
1 KB
9 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9011
user-sync.adxpremium.services — Cisco Umbrella Rank: 12040
13 KB
8 ipromcloud.com
cdn.ipromcloud.com — Cisco Umbrella Rank: 142799
a.ipromcloud.com — Cisco Umbrella Rank: 205423
167 KB
7 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13642
pixel.onaudience.com — Cisco Umbrella Rank: 2777
4 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
273 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 766
1 KB
7 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1757
199 KB
6 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
2 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 794
3 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 749
s.tribalfusion.com — Cisco Umbrella Rank: 1837
2 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 611
2 KB
6 iprom.net
de-core.iprom.net — Cisco Umbrella Rank: 291157
core.iprom.net — Cisco Umbrella Rank: 5653
2 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 389
5 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 297
2 KB
5 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 40300
20 KB
5 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1606
m.addthis.com — Cisco Umbrella Rank: 1551
217 KB
4 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2210
vpaid.vidoomy.com — Cisco Umbrella Rank: 3510
a.vidoomy.com — Cisco Umbrella Rank: 3074
20 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 740
2 KB
4 setupad.com
node.setupad.com — Cisco Umbrella Rank: 45586
833 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 949
876 B
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6532
705 B
3 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2020
2 KB
3 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3635
891 B
3 erne.co
green.erne.co — Cisco Umbrella Rank: 17901
1 KB
3 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6216
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5357
776 B
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1115
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 837
614 B
3 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2572
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1308
847 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 557
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
1 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2368
20 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 5145
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1172
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4678
751 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1455
723 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 330
529 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 938
2 KB
2 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1311
2 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4619
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 470
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 642
57 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8820
696 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 309
fonts.googleapis.com — Cisco Umbrella Rank: 31
32 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
121 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2656
382 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 622
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3012
104 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 644
932 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1426
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 660
589 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 322
239 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 603
277 B
1 westlotto.com
wlresults.westlotto.com — Cisco Umbrella Rank: 542371
2 KB
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 8116
484 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12646
3 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
60 KB
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4347
525 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 414
624 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1758
738 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 456
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
11 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 44158
116 KB
392 80
Domain Requested by
27 simage2.pubmatic.com ads.pubmatic.com
27 www.picuki.com www.picuki.com
21 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
tagan.adlightning.com
pagead2.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
17 s1.adform.net tagan.adlightning.com
www.picuki.com
15 match.prod.bidr.io 15 redirects
15 cdn1.picuki.com www.picuki.com
15 securepubads.g.doubleclick.net www.picuki.com
securepubads.g.doubleclick.net
tagan.adlightning.com
13 image2.pubmatic.com ads.pubmatic.com
13 cm.g.doubleclick.net 13 redirects
12 a.audrte.com 9 redirects
12 eb2.3lift.com tagan.adlightning.com
stpd.cloud
adxbid.info
12 ads.pubmatic.com tagan.adlightning.com
www.picuki.com
stpd.cloud
adxbid.info
11 prg.smartadserver.com stpd.cloud
11 btlr.sharethrough.com stpd.cloud
10 image6.pubmatic.com 3 redirects ads.pubmatic.com
8 sync.1rx.io 8 redirects
8 tpc.googlesyndication.com tagan.adlightning.com
ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 c.4dex.io www.picuki.com
7 www.googletagservices.com tagan.adlightning.com
ad.doubleclick.net
7 onetag-sys.com stpd.cloud
7 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
6 cr.frontend.weborama.fr 6 redirects
6 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
6 pixel-eu.onaudience.com 6 redirects
6 ad.turn.com 6 redirects
6 sync-tm.everesttech.net 6 redirects
6 simage4.pubmatic.com ads.pubmatic.com
6 cdn.ipromcloud.com tagan.adlightning.com
6 tlx.3lift.com stpd.cloud
www.picuki.com
5 x.bidswitch.net 5 redirects
5 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
5 prebid-stag.setupad.net stpd.cloud
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 ib.3lift.com tagan.adlightning.com
www.picuki.com
4 node.setupad.com stpd.cloud
4 prebid.a-mo.net stpd.cloud
4 mp.4dex.io stpd.cloud
4 bidder.criteo.com stpd.cloud
4 rtb.adxpremium.services stpd.cloud
4 prebid-eu.creativecdn.com stpd.cloud
4 tag.1rx.io stpd.cloud
4 hbopenbid.pubmatic.com stpd.cloud
4 gum.criteo.com 2 redirects tagan.adlightning.com
4 s7.addthis.com www.picuki.com
s7.addthis.com
3 match.adsby.bidtheatre.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ads.playground.xyz 3 redirects
3 dmp.adform.net 3 redirects
3 idsync.frontend.weborama.fr
3 green.erne.co 3 redirects
3 matching.truffle.bid ads.pubmatic.com
3 ipac.ctnsnet.com ads.pubmatic.com
3 sync.targeting.unrulymedia.com 2 redirects ads.pubmatic.com
3 s.tribalfusion.com ads.pubmatic.com
3 a.tribalfusion.com 3 redirects
3 core.iprom.net ads.pubmatic.com
3 csync.loopme.me 3 redirects
3 cm-supply-web.gammaplatform.com 3 redirects
3 cm.adgrx.com ads.pubmatic.com
3 bh.contextweb.com 3 redirects
3 rtb-csync.smartadserver.com 3 redirects
3 de-core.iprom.net www.picuki.com
3 track.adform.net tagan.adlightning.com
s1.adform.net
www.picuki.com
3 st.pubmatic.com tagan.adlightning.com
www.picuki.com
3 mug.criteo.com www.picuki.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 pool.admedo.com 2 redirects
2 ib.adnxs.com 2 redirects
2 rtb.openx.net 2 redirects
2 a.vidoomy.com
2 ups.analytics.yahoo.com 2 redirects
2 match.adsrvr.org
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 ssum.casalemedia.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 a.ipromcloud.com cdn.ipromcloud.com
tagan.adlightning.com
2 c1.adform.net 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 cm.adform.net 1 redirects googleads.g.doubleclick.net
2 googleads.g.doubleclick.net tagan.adlightning.com
2 static.criteo.net stpd.cloud
static.criteo.net
2 adservice.google.com tagan.adlightning.com
2 adservice.google.de tagan.adlightning.com
2 script.4dex.io stpd.cloud
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.jsdelivr.net www.picuki.com
stpd.cloud
2 www.googletagmanager.com www.picuki.com
www.googletagmanager.com
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com
1 mwzeom.zeotap.com
1 pixel-sync.sitescout.com
1 pubmatic-match.dotomi.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 image4.pubmatic.com
1 pr-bh.ybp.yahoo.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 pixel.rubiconproject.com adxbid.info
1 ap.lijit.com adxbid.info
1 vpaid.vidoomy.com vid.vidoomy.com
1 wlresults.westlotto.com s1.adform.net
1 vid.vidoomy.com adxbid.info
1 fonts.googleapis.com s1.adform.net
1 as.ck-ie.com 1 redirects
1 adxbid.info stpd.cloud
1 s0.2mdn.net ad.doubleclick.net
1 ad.doubleclick.net tagan.adlightning.com
1 ad.yieldlab.net googleads.g.doubleclick.net
1 www.google.com tagan.adlightning.com
1 254b5bdb058f039551152afc776be7c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id5-sync.com stpd.cloud
1 region1.google-analytics.com www.googletagmanager.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 cdnjs.cloudflare.com www.picuki.com
1 ajax.googleapis.com www.picuki.com
1 stpd.cloud www.picuki.com
392 122

This site contains links to these domains. Also see Links.

Domain
www.topytu.com
de-core.iprom.net
www.addthis.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-01 -
2024-02-28
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.stpd.cloud
E1
2023-02-24 -
2023-05-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-07
a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01
2023-02-22 -
2023-07-07
4 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
*.3lift.com
Amazon RSA 2048 M01
2023-02-10 -
2023-06-11
4 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2022-08-26 -
2023-08-05
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.a-mo.net
R3
2023-02-02 -
2023-05-03
3 months crt.sh
*.google.de
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-15
3 months crt.sh
node.setupad.com
R3
2023-02-26 -
2023-05-27
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.iprom.net
R3
2023-03-01 -
2023-05-30
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
www.westlotto.com
SwissSign RSA TLS EV ICA 2021 - 1
2023-01-06 -
2024-01-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
c.4dex.io
GTS CA 1D4
2023-03-06 -
2023-06-04
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
truffle.bid
R3
2023-03-15 -
2023-06-13
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-09 -
2023-05-09
a year crt.sh

This page contains 84 frames:

Primary Page: https://www.picuki.com/
Frame ID: 8CECE1E49C3B9868059FC5BF692D220E
Requests: 163 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2D86F6788E43B0405EF5302FF8E9CA5E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7777EDDE8F515CE173C1FF9E642ACFFE
Requests: 1 HTTP requests in this frame

Frame: https://www.picuki.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679515200
Frame ID: 2D084ED62911B40EECDA3D7CA4B7F243
Requests: 3 HTTP requests in this frame

Frame: https://254b5bdb058f039551152afc776be7c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B74BE4E11AFBA9FF7C08D2AA0556D90A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEA3293406C8C50E55B3D860F10D097F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3043DF09247B62AE86A95F31A23981AD
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Frame ID: 0EA7B8505202AEC1C6F545F1EF0C018D
Requests: 30 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Frame ID: 8AD5A4DFB6224B1181748304C8499FDB
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Frame ID: 05256C0E06BE2A92C4A8ADC062B06227
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Frame ID: E7CD69CD1E3C1378B938163F007ADC4E
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D299F84292F4B8C0FC5DB420BA7C85F1
Requests: 7 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=748569&adId=3125413&imprId=6D7053AF-3469-4A86-8853-8431F336BA99&cksum=A89022CB6F11E6FC&adType=10&adServerId=243&kefact=0.092369&kaxefact=0.092369&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1679528279&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.131956&dcId=3&tldId=0&passback=0&svr=BID22615U&adsver=_2255257266&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=V5EbZMsCDwAg6k0P7MovqP8zajl9pmtn0F-lWmUD0CoR2arH&ekaxefact=V5EbZNkCDwA6z7OziAhs5BszTAk93Ajn4bna2LfiPV9R3BZ9&ekpbmtpfact=V5EbZOUCDwD-MwiwY1GVMcpROq8NfTxsTazWAlr7O9JuK8N4&enpp=V5EbZPECDwAH6CsAbOJ9rC40sJr6J-rQxNPmxdzjFp3dFFPR&pfi=1&domId=305040806987421129&dc=AMS&crID=1050892&lpu=www.inotherm-tuer.de&ucrid=2785267993821263654&campaignId=23357&creativeId=0&pctr=0.000000&wDSPByrId=42901&wDspId=1277&wbId=2&wrId=0&wAdvID=1490501&wDspCampId=185767&isRTB=1&rtbId=84E00637-E92A-4855-B69E-4C7479C755E7&ver=6&dateHr=2023032223&oid=6D7053AF-3469-4A86-8853-8431F336BA99&cntryId=58&domain=picuki.com&sec=1&pAuSt=2&wops=0&sURL=picuki.com&BrID=5
Frame ID: FFCA591E8622F334945F86AD1C8EC19F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.picuki.com
Frame ID: 53B60B3B540C0F94B500DFDC57927514
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D884F1779DD4D929DE17FB92C65DE93B
Requests: 6 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=748569&adId=3125413&imprId=C35A6602-53FD-45B1-B3B6-F18A172AD27D&cksum=EA639AA74A94A6C9&adType=10&adServerId=243&kefact=0.092369&kaxefact=0.092369&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1679528279&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.131956&dcId=3&tldId=0&passback=0&svr=BID22448U&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=V5EbZMUDDwBTdPmkvsrm7vqzTUOrVTXvuH8HOARRKQ_mtJm1&ekaxefact=V5EbZNEDDwCu46kZd5wefBPAbNG01S0ETd1ykWgD4RQfr37w&ekpbmtpfact=V5EbZNoDDwBiQPj7p3vW8bYj6N1RgJnYIEAXtzUY0df0G1MR&enpp=V5EbZOMDDwBJhExHPPkWIpFlg1gGr-MQ6aAUWq94HBFaaYHi&pfi=1&domId=305040806987421129&dc=AMS&crID=1050892&lpu=www.inotherm-tuer.de&ucrid=2785267993821263654&campaignId=23357&creativeId=0&pctr=0.000000&wDSPByrId=42901&wDspId=1277&wbId=2&wrId=0&wAdvID=1490501&wDspCampId=185767&isRTB=1&rtbId=3AE2C007-122A-469B-A258-3BF264A737FC&ver=5&dateHr=2023032223&oid=C35A6602-53FD-45B1-B3B6-F18A172AD27D&cntryId=58&domain=picuki.com&sec=1&pAuSt=2&wops=0&sURL=picuki.com&BrID=5
Frame ID: 1092AE6B803DFE39EA38218ECD3FCCBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYh-mA4wEwAQ&v=APEucNW1LBM8CXjyIiOB_4XHdTrpeRH6-Ykp1VYtbJyv2UURzKsftYKIQM7Z-lInXYqIbbEolfXvyzYgP4rY1utmrGnVfbd_C4WoW46QVBIbf6Z-XkdRgs59Xncnwid97AjUcGXrr8ZcR8dWIVPesuOcdV0Pc8wb0Ie7cxxNnjD8AEFLYjHF29zgyqxd07eT9WQL-NkPmf5g
Frame ID: FC0FC77F4E52480A01770AED3503A816
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=61989835;rtbwp=0.193;rtbdata=1wXVmOKGFMeYEdvmklPxhNk0KB_EYkvmaiQnMfGm2TYO3DK8ywBXfXl_SwACTqE9X7RxklPDOtbFTHRNyquuiK11uVSu7IYHAKV4i2Uo6VRhBgroSqz0GgdIYh1LpHnOgzsBhBQPgcrCiuTDideiUSMoB1m109rl9U34vHQLoUPay7XrhSpSrimJ_IU6mQ8yGSZ2ua8m9SuqCaudDXlbWkRIyqqHyGJf8feAJlkdSKsZbsISCitjMV4Lqz-_VnrBNbiahArKc7BxZwrEVgYIC84xMoc8Yp1b4UFuhV40q881
Frame ID: 43D7DA6BF1CCB4AE3C4B196E8210554A
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=24898
Frame ID: D30DF005EF5FF9CD08B7DB8CEFA85E0A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ad9641b-915b-4d00-8c48-2767684d5af7&gdpr=0&gdpr_consent=
Frame ID: A00DC678626AB925C2E615E02CA6FDE9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3532487262417699871
Frame ID: 7427D8DC535E05C94A2F0F83B871E027
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C2763D43928D932559DEA236702C4B40
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Frame ID: C6F8B51F9A27A36E8F12BFD856898C8A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BE31161E748C104830AD57225E3B0431
Requests: 6 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=748569&adId=3125414&imprId=86E993A7-FF11-4BBE-8599-8EA933E84BBD&cksum=F6BE8FEA59671FC8&adType=10&adServerId=243&kefact=0.092788&kaxefact=0.092788&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1679528279&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.132554&dcId=3&tldId=0&passback=0&svr=BID22353U&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=V5EbZHEgDwDhbLzPFbCFBEzQnsJkCBmymXQcmbNV6vqVk2a8&ekaxefact=V5EbZHsgDwAt8onmVUoGPCi-f_AtOPGr-jAw7aunExEJWgs2&ekpbmtpfact=V5EbZIUgDwDbpeS3mcp3zhqPxwSH3jR79AGO8ZhW1KRd0bJw&enpp=V5EbZI4gDwAiJQ2ueoe3M2GvXzulSNmeR_AVQdIT7xeo44XI&pfi=1&domId=305040806987421129&dc=AMS&pubBuyId=44663&crID=476066951&lpu=seedtag.com&ucrid=16537441172269550118&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=6135531&wDspId=80&wbId=1&wrId=0&wAdvID=1310834&wDspCampId=19805778375&isRTB=1&rtbId=50D7EDF4-75F8-49A6-AFFE-09A924C87AED&ver=7&dateHr=2023032223&oid=86E993A7-FF11-4BBE-8599-8EA933E84BBD&cntryId=58&domain=picuki.com&sec=1&pAuSt=2&wops=0&sURL=picuki.com&BrID=5
Frame ID: C5E57D5BBAB088402E319BC7DE03C709
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B9ADCB58A4D9D24ED5F5DAFA7D32FF51
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8B6ED9B056B3F0B6110FF7FB11D1BB64
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 1BA3C9ACFCF6A0F25030BA6B0D6D7FBF
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1679528279953
Frame ID: E77E0C82D22CDFD8F7495EE907AA565E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 0C427A271334872D8E004E121DA0AF25
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: E17DA90F89AB0B8537A0FA2B0264F341
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1679528279940
Frame ID: A5B58BB8939D6C7F6448CEA28BCBC752
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BB34ECAC7CC200163D14882EA5767367
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2287FD5367AD0511778E086D8DFB933B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1679528279952
Frame ID: 9CFAFAA13982B91E4EB7ADA55E4B3EE0
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: B73E20D8A25407014D16B58DCE757AD4
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 2160CF757C81655F6ED24D78D579F966
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 60CB4DCA79656F8AEF947A990C91E174
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
Frame ID: CD4C29BFFE89356393A7B9F5B609C682
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 79362441D99B0806F928A697102CD06A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 96DCEACD5B450D4C516D0EB0A8B433E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 088D6C5E37DADD4AECFBC3A24CEF52F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6
Frame ID: 19617B9AA0006AEF6F0AF81CFA3E146F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 0001A59751E6B89375C23DE633666C74
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8058816932854632293&gdpr=0&gdpr_consent=
Frame ID: 08880050B515348B523221971013E756
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7213519061078702221&gdpr=0&gdpr_consent=
Frame ID: 706643C6C5FF782A03EEA38AAC39CA79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k9kklAdZVvJ1I-dUGGl_hrnVm8Q&gdpr=0&gdpr_consent=
Frame ID: D83F0246047C46B1294712408EA1A11B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Frame ID: 1211A46AE028099E5111F211AEA4FCDE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACZ907YwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACZ907YwAo
Frame ID: D36E3E25350CC5D7794C77F41FABEFCD
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8E69C5560E618053FD5D12AB52ADE0F6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zq4jlnmipcur
Frame ID: F92E278AF5C9A866F4CB91EF058C4B12
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9EDD9C645EB9EAFCE2EF49B8C7543CE9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 81B0BD8E5B138EE3856BB0FCCCD00BD8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3EB2BFDB43B0FDD907A067955DCF431C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Frame ID: AF26BB484A0F72EE5B8B845765BC7BA4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 070AB02B2632CAD97F1C61D742849927
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 20B8A7717C2E3FF5009CF70135FFCDD7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UWhXhYYgTnnTUWTb&gdpr=0&gdpr_consent=
Frame ID: FAE75448363663F55343C4A6B6FF6C53
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Frame ID: 9B771B797EDA1CABDE93432682DCA54A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Frame ID: 4B4164176F547215996B51C4B5818C13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACaHA7dwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACaHA7dwAo
Frame ID: F2F2E19F1CC8531A4F29810BE2F88972
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 13D8AAD786C64E11CF6827C38B32244B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ub6bnigyq8tr
Frame ID: E09A81E73E9E46FB6F3B778C30C5461A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 91B4B3D4188D8119D7E1F22FF8C9D76D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 52C78A2D188610B67CDB5B1C24A4A5D6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A54CA52923B88A5F3FA03905C82C377D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Frame ID: 88D27A74EBD23BC312F431F7B06933B4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 97F764BEE91E07D27723E3C74153AEEC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 8725004D3E582B6DACB43CBC58460C44
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnXRMgjMgnVXYYRh&gdpr=0&gdpr_consent=
Frame ID: 4B953AE595D63FD061BF06D2DBE31227
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Frame ID: DB800C960D2BAF145DE77400F24AFF1D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Frame ID: 0BC9CB1559DC943041F93B659710B6F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgAABLY8ZAAo&gdpr=1&gdpr_consent=&_test=ZBuRXgAABLY8ZAAo
Frame ID: C980051FDD70001A2E84647C358A5DFE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 75823064342E30F177AF92E2C89F3536
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1v2nc2igvm8p
Frame ID: 9523FC27F9730AD8139DF6CD5DAEC842
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 3968F4CDFB9D50DF5A8FD01DD0F45DC4
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3FCE65E8DC865514743C5B1670DA4EF6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6F21453E2A92E1B24322116B8FAEE34F
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Frame ID: D1C8C42D282BDE28C2679066173DC963
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 01AF569E250F6A86294FEA311AF85EDA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 0379A72281E581637A89080FE32C99AD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhYaQRXagVVhXgWX&gdpr=0&gdpr_consent=
Frame ID: 5D0A56431DC676750D2E4E125D258A02
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Frame ID: 057B3AC4C1153875EC0CAAC5A76B8D13
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Frame ID: E8A7C4EB2D6D6C1D84957F36E21CE201
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Instagram editor and viewer - Picuki.comFacebookTwitterWhatsAppPinterestMessengerEmailAddThisFacebookTwitterWhatsAppPinterestMessengerEmailAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

392
Requests

90 %
HTTPS

30 %
IPv6

80
Domains

122
Subdomains

81
IPs

13
Countries

2812 kB
Transfer

6908 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.picuki.com%2F&domain=www.picuki.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=k7s_nnxaNitiemVtay9XalY2amw4YTF0citPRkJDWkgzTkF6RXhBWU5SWlB0OCtZM0s4Um1vYm5jZkxodjdLWXVJR0tqeTYwaVZaTm9jSTNXZ0hyMmIwN2lyWGE4UXkvT1FYUW1HeHNKN0tmM1picHNHMkpCZXhHNDNXMEk5ZythTUdYeldGbUZsSlRrNW9xTlZGbXFNTkZyYzZyTDBKYW1DMm10blhWL1FSQUtLelZDT3FDWFhPeldrSXFoVnl5ODR1bzBKOE9xZjdBUUg3YVBpK0hpdVVjUE9wQWRSbGdTSlQ3d0h6QTRnZTc1ZFVVPXw&cppv=2
Request Chain 186
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=picuki.com&sn=ChromeSyncframe&so=3&topUrl=www.picuki.com&bundle=kC0m_F9pWENpakZrdWxJQXhBNXZkNmExemh0cEtFaUNWUkdRZGI1YmdSM080dm1uWlZja3ZqNCUyQkpBamxydFBTYlM1biUyRk85QUZ6UzYzSDh4Z3dKMEhXQTBUa3JiVzhiek1sTzJqWTZ0VXAxekIwQ21paVJ5c2ZCaFhMTXJJT2kwZ1hYNG0&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LT4kDHw0S1E0d1VqMy85a29sT1B1c1R0Y1BwMnczWVl6TjVmckN2YXhnSDc4c2cxNnRmTTdXR05tQkhCU0VUa0h0L2MrdHBWMWRUa0RLZ2Z0ZEZmNnpoR2RsaURGWVo0d2tWSmdrZ29GNWwwWFRxTzRHUE8zMDA4MEFtcDU2dTVRcHpjTlR1RWpoNGVJcWlabTg4bzM4ZEpDdWYwWDdCL0dPR1QvUDQzcHQ5NkRpKzBOZUE1SXluVjI4RGQrUFl4TjgwVURXWThXMTNkTWlSb0tXQm1MNlpVZll6QnVSWDJHN21JR3MyaWtqQXFzYUdmREliZm5TaTlscVlHUFIrQWx6UVZGWUg2Mmxtd01MY3dWR2phNmhkNCtHUT09fA&cppv=2
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDoEJ6BXw63uTR6Ucwj-LTI&google_cver=1
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEABkgQSh9k56oAN8eSuHFvE&google_cver=1&adform_v=1
Request Chain 209
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ad9641b-915b-4d00-8c48-2767684d5af7&gdpr=0&gdpr_consent=
Request Chain 210
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3532487262417699871
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjZEMDIyOEItMUE4Qi00MDE5LTgyQTUtM0ZFQjY1RTZCMzJC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL-usC4x38nKL87n8GKK3Ts&google_cver=1
Request Chain 214
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7433101869634256471
Request Chain 257
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=77060fa2d95948f8d065d6f79855ddeefde83bc8640c537417b5d6c13ed9cf18
Request Chain 288
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBuRW94HJW-.9VPGyXOvOgAA%261156
Request Chain 301
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=7433101869634256471
Request Chain 307
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 308
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6
Request Chain 309
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.qmMFqlE2uWg.yrfyS64ZEuItGQldOY-~A&gdpr=0
Request Chain 313
  • https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=5ad9641b-915b-4d00-8c48-2767684d5af7&expires=30&ssp=vidoomy&bsw_param=35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=0&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=35e196b0-2494-4f17-8f77-a7fa838cfd39
Request Chain 314
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx&ox_sc=1 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3d711721-2be9-43c4-9afc-a73bf0719e3b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Request Chain 317
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8058816932854632293&gdpr=0&gdpr_consent=
Request Chain 318
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7213519061078702221&gdpr=0&gdpr_consent=
Request Chain 319
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k9kklAdZVvJ1I-dUGGl_hrnVm8Q&gdpr=0&gdpr_consent=
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=35e196b0-2494-4f17-8f77-a7fa838cfd39 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=35e196b0-2494-4f17-8f77-a7fa838cfd39 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9571dd9a-1e8b-4cd0-9cc6-b891f5ecfbaf&user_group=1&ssp=pubmatic&bsw_param=35e196b0-2494-4f17-8f77-a7fa838cfd39 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 327
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGcmVrN0lOeU1BQUNFcFVuUW53Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGbMk7INyMAACA5vpVyog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3486518970878298841&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGbMk7INyMAACA5vpVyog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3486518970878298841%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3486518970878298841&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGbMk7INyMAACA5vpVyog&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Request Chain 328
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZBuRXgACZ907YwAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACZ907YwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACZ907YwAo
Request Chain 330
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zq4jlnmipcur
Request Chain 331
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 333
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 334
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1679528286464 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3987590456 HTTP 302
  • https://sync.1rx.io/usersync/turn/4280806482388564353?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Request Chain 337
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=64b2b33a7ee76471/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DH1I2i050UWhXhYYgTnnTUWTb%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DH1I2i050UWhXhYYgTnnTUWTb%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UWhXhYYgTnnTUWTb&gdpr=0&gdpr_consent=
Request Chain 338
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtAiixqLQBmCpT_rZeazKw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 341
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3571662320 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Request Chain 342
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDYzNm1SVTQyVUhTTDYtbWV4WHZHaU1oZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7433101869634256471&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 343
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Request Chain 344
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848460918160996737&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 345
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bfacc1b6-d661-4aa1-90af-2b1db5f51e6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtAiixqLQBmCpT_rZeazKw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=780674882 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Request Chain 349
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDYzRFNlV2ItQkZTRldqa2NuSUNsdmk1UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7433101869634256471&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 350
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJdEwwN0lOeU1BQUNEbktTTXRsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGbMk7INyMAACA5vpVyog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4406522062560856605&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGbMk7INyMAACA5vpVyog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4406522062560856605%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4406522062560856605&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGbMk7INyMAACA5vpVyog&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Request Chain 351
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZBuRXgACaHA7dwAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACaHA7dwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACaHA7dwAo
Request Chain 352
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Request Chain 353
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7883686184284961153&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 355
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ub6bnigyq8tr
Request Chain 356
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:51a576c4-a3d4-4755-8d19-d6afd0d962c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 357
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 359
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 360
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1679528286464 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5966958852 HTTP 302
  • https://sync.1rx.io/usersync/turn/3776403324123068801?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Request Chain 363
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e29facfae52339b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnXRMgjMgnVXYYRh%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D0E2y59DCSnXRMgjMgnVXYYRh%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnXRMgjMgnVXYYRh&gdpr=0&gdpr_consent=
Request Chain 364
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtAiixqLQBmCpT_rZeazKw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1191737688 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Request Chain 368
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDYzRFNlV2ItQkZTRldqa2NuSUNsdmk1UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7433101869634256471&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 369
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHYk1rN0lOeU1BQUNBNXZwVnlvZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGbMk7INyMAACA5vpVyog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1371215017451227794&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGbMk7INyMAACA5vpVyog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1371215017451227794%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1371215017451227794&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGbMk7INyMAACA5vpVyog&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Request Chain 370
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZBuRXgAABLY8ZAAo HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgAABLY8ZAAo&gdpr=1&gdpr_consent=&_test=ZBuRXgAABLY8ZAAo
Request Chain 371
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Request Chain 372
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7955743778322889089&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 374
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1v2nc2igvm8p
Request Chain 375
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:18d8b625-7f26-48b1-ac95-10e4b3ab4da3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 376
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 378
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 379
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6595790995 HTTP 302
  • https://sync.1rx.io/usersync/turn/7667513402171177345?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Request Chain 382
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb30d920a55b2a42/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhhYaQRXagVVhXgWX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhhYaQRXagVVhXgWX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhYaQRXagVVhXgWX&gdpr=0&gdpr_consent=
Request Chain 383
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Request Chain 385
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 386
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&addseg=19,36,42
Request Chain 387
  • https://pixel.onaudience.com/?partner=214&mapped=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

392 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.picuki.com/
44 KB
9 KB
Document
General
Full URL
https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd9e4ed7600a52f90a7dad607abd4470b224c4467d61a0b0167fbb8cdd8e809

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7ac243fd0ce95b6e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Mar 2023 23:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kURAeBwggggIAvlDS536o1eyHKl%2FA34C0RhXQwyrhfiVjP8dk54vRN6psxpD6uxllNEWPIQfaAc33d4RCgft4f%2FabsOO27fM%2Bq73bFNuLwrP%2FEXSfOj0FoGj1RA6joVo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
www.picuki.com/app/assets/css/
121 KB
20 KB
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/css/style.css?v=1679528278
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145331f47b3ac2bd1d696b0101e78540c5951893216877e95829b7101b233270

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 08:43:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63db77c1-1e4cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVvIgz4L5pWMWU%2Bd2ynIuiR46dpPT6nUw8jodIP%2BM4JFzf%2BXFdSyvZGBQ0jo%2FtxHyWD%2BAhfhx3OXlFuc848paSYDgi3SW25qBjIytEgDXyTk39AWeFGcOCQ7ym%2FJtooK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd4b5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontello.css
www.picuki.com/app/assets/fonts/fontello/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/fonts/fontello/css/fontello.css?v=2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69132eb2f05e13a4c63a410722925db45aee5c05b3cb792fcb602e890ee69860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:57:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157295
etag
W/"5dd697be-b3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlFEF0GcGU2CHeY1iGe%2FGewvI%2BMipcchj%2FPaykqRtuC5ttJ7QcmKKyiKzi8hE3DaO8SbVUdix2CN2JhpbHDrxRvDycE7fAiUSihtNgI8PoUVGlhK%2FAiOWY%2BXLOLVB7UF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd4d5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontello-codes.css
www.picuki.com/app/assets/fonts/fontello/css/
1 KB
607 B
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/fonts/fontello/css/fontello-codes.css?v=2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a880ca860b0dfd58886aeb5566f01ed3e6824f4223c98c6bf839d1196047c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:57:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157295
etag
W/"5dd697bc-472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKKZ2RhslyOyfcUfOgTyzvHkvQH2TQL8sKDFeggeUYzPT17y%2BxEHij8Z5KGtWOiSRIlnah2dLbm1wWdaIgMBwoPDP1PQZKNQDX9sInPahGqyzDyEKjGqOa5zvQYIQ7Qp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd4e5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
flaticon.css
www.picuki.com/app/assets/fonts/flaticon/
25 KB
5 KB
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/fonts/flaticon/flaticon.css
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be8e095e2fd0837f7ceefffaf25b2aa3579180714c27f2d9cacfb0cc9f87872

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157295
etag
W/"5dd697a1-64e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg6WObW5Fzm13sk4kLOQ40ooJxN3p%2FelzcklRgTpO2AR43OmnwmUgyGdnNrsXcWVh9wUH69wuVwUy68RFjJviCZGD%2BdFR4DlnQpCgoD8442tdwEqSHlGClPU2W0appe%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd4f5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
flaticon.css
www.picuki.com/app/assets/fonts/flat-comments/
832 B
643 B
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/fonts/flat-comments/flaticon.css
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5592fb740954d5a92e2c24d18ddc4af2e53d42da3ad30e2a44c793d49a45f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157295
etag
W/"5dd6979a-340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpvvoQp3JrhCP0lDCD2HTyMXxBd8eNcziG2gMFnmLmV9VNiBdaTZK7jYb96qJZ9rQJ0i5wowepi0QsAiPOs5V2VWRW08NkH0VQT6NoM9lI%2FlLBQzJvnXskyAijaYvxpr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd505b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153071106-1
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77edb639b1aec050b50ceb1c3947bdbc326a3b53c2c39a78cc7d5444cdb1fb48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45735
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Mar 2023 23:37:59 GMT
in-view.min.js
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2473443
x-jsd-version
0.6.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230030-FRA, cache-yyz4572-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y02%2Fvida0cLEAfpzzYfmVGhuYCyL%2BPYWbdEs0AUvlinbaK2Cck46hZhgezlOzRGJ6uR2153fwbSm3MJ4%2Fleuzzcg248OKd%2BiWiEebO0%2FLL96kmyfOoVQhOKBkEDmHV16hZQA5abK44V7o04qTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7ac243fe08793a86-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88109bb48d8d467bebe4dacf3ba8233ff2acb2282eac443579bb77dcf4ddfb29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27193
x-xss-protection
0
server
sffe
etag
"1519 / 298 of 1000 / last-modified: 1679523446"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Mar 2023 23:37:59 GMT
3528
stpd.cloud/saas/
432 KB
116 KB
Script
General
Full URL
https://stpd.cloud/saas/3528
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abe645d090e572ea4dd49481f262a4e1d86b4f5f8bfae7d606d09d295558fea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=300
cf-ray
7ac24400eb8ebba9-FRA
stpdhash
true
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 14:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 14:21:30 GMT
imagesloaded.pkgd.js
www.picuki.com/app/assets/js/
16 KB
4 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/imagesloaded.pkgd.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2cd2a4097f44833817993ded2514b688066ac86d87a1e59a6b6f5369c15cfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5dd69785-40a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqYVpQrMhd%2BiKkdUUsxXMv7SY77LSpwYrcsoivfXLfV8FI1VUoYwICzZvAB1oIRiB6Nn3e0Y%2BEewXvte5jld8q660rCN4Ys7s5HmEo8OVoDfru%2BtqsEDBTxG342EyBOP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fdcd535b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
isotope.pkgd.min.js
www.picuki.com/app/assets/js/
35 KB
10 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/isotope.pkgd.min.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5dd69785-8a80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxAGZjLYr%2FHLIV32rDXvvm2TScOqpBvguZ0z3%2FT7%2FgeQeERyoRENJXlwD8F983kNTJd9yk785xRMzPRNIhEDbJkv0QOPS%2FbDTI%2Fa6YbaKNen%2FGi4lCFCY7IumFd3fSQ4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fdcd555b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
infinite-scroll.pkgd.js
www.picuki.com/app/assets/js/
56 KB
13 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/infinite-scroll.pkgd.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d22341f68e20d3487a0f5ddb61f01a9303fd39b6025b0a9a4eb2ed7350bf442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 01 May 2020 11:27:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5eac079d-dee9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDYIVHuPUfWDZrGi4z2hZASi%2BhU74me11dZUeyYE88y6Vt4lF9cpAgRYer5PgaO5JOdyfvrZhmsiHs420k0mu58W0e%2BB0sOaxBIHjW6i%2FXL8CsiIwV%2F4u%2F6aaxa2HLDY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fdcd565b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
imagesloaded.pkgd.min.js
www.picuki.com/app/assets/js/
5 KB
2 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/imagesloaded.pkgd.min.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 01 May 2020 11:27:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5eac0792-15da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9IoQLjeFWoh1Ldbh8%2F86L5SJPBf0c14K58d6O2wFg4zFyqJcsTaDm0OmqnAdq1ZN%2B7eDarf%2FMjLzUnzbusTQ8BqIYkd%2BKGiDUgr5uWE2a%2FP339AuA6HyjukMf5suW5Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fddd595b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adblock.js
www.picuki.com/app/assets/libs/
7 KB
2 KB
Script
General
Full URL
https://www.picuki.com/app/assets/libs/adblock.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fc64440f3353cb63c713aa3271fd0850688ef47bb855d8533d103754811c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5dd69788-1b0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fns18rwk%2FtJys2308YfIkmNjafWFzMpOMfKD25BJRikQ41zLz10Zji0gwxLgA26bCUVdZJmNLmuuyOXzZ7I%2BXC6EiYI%2B2DJzsgCu%2Bmii9%2BRWn%2B4BQaHgZjJwEwrbFtzn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fddd5a5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.picuki.com/app/assets/js/
104 KB
15 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/main.js?v=1679528278
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a32994b96ae9e55688f0b035cf97c708af8a43ce41402e114109bd85b356b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 17 Mar 2023 13:05:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64146597-19f7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BFY%2F1N9XNzY5X6iw3U7kaxNXfEcl%2FxmMxEYLfLEmjkzDjTx2UtO76MEZgtWmVA92VFvJ6j8TGnIoRDzJRoKBzapCFT%2F8CkfJjn8WuV8oxzE2YmHJrzrQtXher1AARAW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fddd5c5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
nude.min.js
www.picuki.com/app/assets/libs/nude/
927 B
813 B
Script
General
Full URL
https://www.picuki.com/app/assets/libs/nude/nude.min.js?v=5
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe50d0db7b31a6fd68843827f50f1e6e4f960e5506ffbcf11867362d2e5b183

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 11:49:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5e6238d0-39f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2OWoodRMq%2BJwFBfYA1V8sGkythcfGs6EpnSc0PCgMOOr8Q7FbnL2BrDqjt1pt4akKvTPAqKmz4a1G8vFW33sWs54%2FOhDwOPk7FDKf11n3t90c2A0ejLRC5yrzBGYqCu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac243fddd5d5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/
43 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10158
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqNfm7Cm55rLxRs9LnJXxa%2FPYpVlDVF%2BJNREzDM8KymdgBI456znPzoLq%2FMZES%2BT72kc7DfNVuarTzaoK%2FCHU%2BTRDdIV7iHFaFR19bfC7qgiA70M3T94wSx2CeV3oLsHdSvPm4DMxjipyqWle3xu2Xpc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ac243fe0bf93a54-FRA
expires
Mon, 11 Mar 2024 23:37:58 GMT
owl.carousel.min.css
www.picuki.com/app/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/css/owl.carousel.min.css
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157285
etag
W/"5dd69771-b78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3CJXzNqrHkgC38dpmFlZDkIAsibZfebn7kTp3AB04hROeHOl0J64WBdQT6nMz1huxeLks5DkqtlBPcejl9l3CmZaMfsvr6O0t8yCTPAfJJJPh2CkscC00fzprG4dYcs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd515b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
owl.theme.default.css
www.picuki.com/app/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.picuki.com/app/assets/css/owl.theme.default.css?v=1679528278
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee395b358a3541aab810e49c3848842b46f62de07981079da3b98ef3e21d84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 16 Dec 2019 09:20:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5df74c4b-15f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmVMmvImM8O3PLPrNauJonRlZda8W7j0rQciNO5SZC4V97TMR3ZW1hbdkoDli%2F%2BdfsFK9V6FL3pUUQhgcnfHaiZmPPya7j%2B4d7%2BTFUxxU%2FmJFuael%2FDhK9NLjsbs2akk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ac243fdcd525b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
yep6IPkO1EBGZyPbcMUSyuVTjKdw.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
5 KB
6 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUSyuVTjKdw.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a420d8bb78b8f4f00b11484050f2940594e86cf3a956f38bb1761adde8a1510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
791
content-disposition
inline; filename="6375221.jpg";
content-length
5254
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 23:24:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbPZoV%2F0msdl3M7IHI0sKdJcDVzFx7Ua5CnsWjiDU5pj%2B5C%2FpPn8SpLFtDFp%2FvPN6ku3dfziLeWrKTc97MzUKxs%2BS9IUWaMasyfy5rIk04uwnigvMHRbRsEv9N4jS3jANQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ebd5b6e-FRA
yep6IPkO1EBGZyPbcMUWyuBXh6dwTw8=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
6 KB
6 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUWyuBXh6dwTw8=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7abef4b3776c5a08fb1199bef6891ea36ca5c7d713974f9ddbb5689d65b981e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="232192182.jpg";
content-length
6016
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLuSHuQdIpYkX2ASMbHbwEHvYEs%2Bx59%2B1iBPBi8VFd7piEOfPsQjr5RjBF69tmg%2BedvjyQD8TMN9LXu%2B51UP8IXr1SLT9yTp9z3E7j8rgyMBL7NwEquTRHOtuMQuJwFFew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ec45b6e-FRA
yep6IPkO1EBGZyPbcMUTweVXjac=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
2 KB
2 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUTweVXjac=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cd76e97106f087e3bcc0ab9f0c3502baa4a9255b387bbe5ef927c45a27517d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
405
content-disposition
inline; filename="787132.jpg";
content-length
2180
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 23:31:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLoZ4DuGdtdcfbafWk8vt94mCxH90iPB2AHnlEAaXuKZQxeT2v%2BsPqgog6LUnZ%2BwEplBXAlSYTqBmpRvyHpBkhpXHq4%2B9i98O7dAGg6%2BJI7AvyQ9W4jjFhG2FJ77sKdTEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ec15b6e-FRA
yep6IPkO1EBGZyPbcMUWz+RQh6ByRA==.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
3 KB
3 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUWz+RQh6ByRA==.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa1ff4317f044b2877f4b976f83453bf56720d60d4023dcbfe9afcba9ad5f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2554
content-disposition
inline; filename="26669533.jpg";
content-length
2882
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:55:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtJDLXBuugrNaq3TCmVHa2yD6JMkdCNmcaROpSlle4Az5G7z95f9lVqjssnIKoqWw73ZfJD9rhgqJzdvLKGnqVnCcFK8IYX%2F4N7LIABMGD9MFflWAZeFZ6ZbcvnphI8mWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ec05b6e-FRA
yep6IPkO1EBGZyPbcMUQyeVfiKFxTwU=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
6 KB
7 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUQyeVfiKFxTwU=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99081753423c8bbf7f9f844fea17a8be9a5a620754839a5d5e1a76e23a1ed82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468
content-disposition
inline; filename="407964088.jpg";
content-length
6406
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrpF2aE6uP0hylPtKsgzy3oH%2B%2FXNu4D2q7a5z%2BlF7kvNq%2Fz0Zjuh7cmgvD0hEYjOjMd14%2F7J0nDZU8AocmA%2BiQGj64WAY%2BlMij0LUJZZVMnLJ1ToxEU%2Fd8Ux4BzrC1SZYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ebf5b6e-FRA
yep6IPkO1EBGZyPbcMUWzeBTh611TgQ=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
6 KB
7 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUWzeBTh611TgQ=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1027d217430781b1e1d6d7d32a8b7c56ac7c31807b56a79ff00a446fb4d5883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="242598499.jpg";
content-length
6466
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fufXDZP6o3A4YieUOWTZt4TeoAGU2RhAoa2jU0S6Lb8BeURMKUHoBK1PsEywP6KUzDH1XbJaMupDzm%2FnZoAkSivbNMs5o6VZwMe9VN%2BOG%2BNQPI%2BrpN7HjGfT8XvGlp1XCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ec35b6e-FRA
yep6IPkO1EBGZyPbcMUdzuZRjqd1RAk=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
4 KB
5 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUdzuZRjqd1RAk=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03126aaeb6bd0fe3d003c920a8cf54693f878a74aa965727ee79eecb89002734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="974702434.jpg";
content-length
4560
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW%2FjnxPE%2F6Hbmy1cnkE3ozxBb%2FA07h0ke9K%2F9ncYMCANtbWoYzH%2FTTBq5wlNLR%2FeWl3T1KKTKs%2BeQyn62Olu9oWQclGEqTjK603OEd5eNYKouGl%2B6sQsBXmbYZ4%2Fv5VU1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400bedd5b6e-FRA
yep6IPkO1EBGZyPbcMUSz+RUiKJy.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
2 KB
3 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUSz+RUiKJy.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b35d3452008af5edbdae6a409348d7e438965c529f943ea53c6e0d7474d7c61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="6662673.jpg";
content-length
2311
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTu%2FZ0DTV30%2FkZDLWAo%2Frq6KLkuxuNX9NIZSad9BEfNFRu%2BakVZuV%2FRxrOZ2JYyBr%2FUgZm%2FWgjWMDgxxxP5Yt%2BuCEPhz%2BiNrobW%2BtBvcRYdI2218163aO12gevrXUGZvPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400bede5b6e-FRA
yep6IPkO1EBGZyPbcMUcyOZfiK1z.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
3 KB
3 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUcyOZfiK1z.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556d1c0c8b2d81fd4f36867861dd636686e87673af0b3fb8a4b81bdbaf56fe55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="8149682.jpg";
content-length
2561
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsyYepYTuFLdtuUPW1BmgN%2Bt82aigKPfFzKy1G%2F4d6Ow%2FmI0kHwOToZASHrIKPdeo0bWtxTJf3gEufV09vvH%2B7q82I2xdft6DCBGjMH6Gjag78l9x0ZwEbhZMbB7IgfAfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400bedf5b6e-FRA
yep6IPkO1EBGZyPbcMUSweRWj614.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
5 KB
6 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUSweRWj614.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a464b5cee04dba08155df897f8624db9dc10f13dd4a27786eb39adb94de1b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="6860189.jpg";
content-length
5409
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wT9jnPAnYAbuLjDycK%2BlwL561lHBCHyLXy8DpLAJcg0erq2k7gUVHD6%2FRuU09JicnEFtmkrSBFth7jO4sq3ev0iYbd1AkL3KkCaHeuexgHhATKGWWbOyUjL1Fe02f4Dcvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400bee05b6e-FRA
yep6IPkO1EBGZyPbcMUVzeZSi6R0RA0=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
2 KB
2 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUVzeZSi6R0RA0=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f66562b9f9a2524e49fb9adb968abd4ccb048289e9cfc488c35dbeef22fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="144451530.jpg";
content-length
1637
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R76XdjywJ30LEbT4AEayllPG2d8bWgXmVJ3qFo26S2nuuzdxwezBYwO8EX5kO1jwkAMQTlWh3Btu%2F%2FgesXlRHlH4%2FHxKy6bfDhhku0VCfJCyxaj1xn2OaHqW0Lxd6KAj7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400bee35b6e-FRA
yep6IPkO1EBGZyPbcMUWyeFWhqF1Qg1E.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
9 KB
9 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUWyeFWhqF1Qg1E.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
578932c4091fbb4da472946b9f0baf6fa26b23296b61786d99e863e760afd990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="2030844508.jpg";
content-length
8998
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkhliSAcYsZg3nlkJlsqvG3yxOonQtTMcc282YLLiplm%2BPUNzNZShHi0l5C8i4%2B%2FhZTAf97ALOhoPcgTn38oF7OlmZqjhh%2B%2FK%2BBeGsngxeAagEOqTmsEUiivsJEPHHY%2FnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400ceeb5b6e-FRA
yep6IPkO1EBGZyPbcMUTyOdSiKd2.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
6 KB
7 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUTyOdSiKd2.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36bc629988777edb7a12d7e02d8132b5080295198f56be19d593597d6410513d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="7154627.jpg";
content-length
6427
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHVU0qkxfpVY8EdS1AHEzrIAZslMdSIpnbIfv1zJevFoF3mOJ6MD3otXQiRN3ElloxHS8t%2FyQAcrzz9tNf9Jh5zpGX%2FCZyoVrZ7fEc6O61zxJeAUNoYMIeIpFRfT2Wd9Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400eefe5b6e-FRA
yep6IPkO1EBGZyPbcMUWzuBVjq11QQ8=.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
6 KB
6 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUWzuBVjq11QQ8=.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3c42aa413d0f3dd20e300f61688feb4ac8baab09dfcc25dbf1cb780b8d693b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2479
content-disposition
inline; filename="272308462.jpg";
content-length
5674
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 22:56:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tohYpUJMf1TgqeUskExbh0HbXWtB3GfuCzle9rTsPjMdjPAT8%2FSGnuzxch%2FnKRNLa2GFGprpOhUwtj5XP7eLAeHuEUBJxjuOpTk62DNvq7hRdm8hVd8PcqFZTOz79%2FP8MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400eeff5b6e-FRA
yep6IPkO1EBGZyPbcMUSzeNUhqxz.jpeg
cdn1.picuki.com/hosted-by-instagram/q/
5 KB
5 KB
Image
General
Full URL
https://cdn1.picuki.com/hosted-by-instagram/q/yep6IPkO1EBGZyPbcMUSzeNUhqxz.jpeg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3a87b806475df8d87e26b15a0730a0e9e280e532b7b289420370b5cf6370d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6860
content-disposition
inline; filename="6412892.jpg";
content-length
5093
cf-bgj
h2pri
last-modified
Wed, 22 Mar 2023 21:43:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bJJtPLupZuniMGwqNBq9qnqbyDednCpFI3dXacx4whcruf7cb1UJgQxjRzxCbMn5ZA1Pi%2BW0CoLmLosOBFmCMk1luJJhzBYWIl6JoPC7wwM1kdGX6dygw%2B8dxe7qAAz5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400ef005b6e-FRA
adblock.js
www.picuki.com/app/assets/js/
110 B
426 B
Script
General
Full URL
https://www.picuki.com/app/assets/js/adblock.js?v=2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd42c5a4eb3f83ecaa7be69ee5b8a01dc012cbd76730d534ef3fd68964366f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 13:42:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157286
etag
W/"5df243d5-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EScykAkXAe0JcczWaSMB3OgbqeL2spMLRt3x32Ix5XbTPyyvrgXyuPpi5X7WtzDh7%2B5w2hGCAIJIMXjIXaoX82Sc7pX9XIqrUvOD3QNwvuK%2Fj6ywdfzSLbsLES2EaY57"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac244008eac5b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adx.js
www.picuki.com/app/assets/js/
110 B
452 B
Script
General
Full URL
https://www.picuki.com/app/assets/js/adx.js?v=2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd42c5a4eb3f83ecaa7be69ee5b8a01dc012cbd76730d534ef3fd68964366f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 13:42:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157278
etag
W/"5df243d5-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1tuwIYCDw5I1bs5deIRguKrHNJL8dnw%2FL8ptZiz%2FF9mN7G9I%2FfpyuHqRjfr7XBe768AbYzV5ruBlAb6d5MSBnVzVqkalAJqTc6auc3%2FgVjDXM2LqQathnlE2kLSmuCN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac244008eb55b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 22 Mar 2023 23:37:59 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116325
firebase.js
www.picuki.com/app/assets/js/web-push/
298 KB
97 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/web-push/firebase.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea22d911e92222dbfede091756ddef209ca86a941285df534ee94e93fd31e3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Dec 2020 09:04:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157286
etag
W/"5fc7588d-4a75b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FUWzWYE3lqRgxap8anpgTVexFAC4t%2Bf8xm4uRzCZH3ZYwXjlPDCQYQIpw3Wq%2F5hxOOtTDlFmnTSNWyWKVmURMECv%2FTqq85sbilqFXDzk55S3WTRIx2fWTvuLCifE%2FFU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac244009eb65b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
www.picuki.com/app/assets/js/web-push/
4 KB
2 KB
Script
General
Full URL
https://www.picuki.com/app/assets/js/web-push/app.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f225637a1bf45e162a500b29cfe8971759957b7881bff5b16c074f6f291f570d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 12:41:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18157286
etag
W/"603f8408-1155"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUq2arpZc9wEDKWBiAtrkdxYedxbXZw4aaBXaG67hwKRwsrSITSq1s3RCm7j1HaPu1iLK1IoT4J4Bp4Y%2BM8J7Afa12DwA9Y%2ByO1QloPbLNaKCa0PJCsdYrnTdHMNI4Yv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7ac244009eb75b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Bold.woff2
www.picuki.com/app/assets/fonts/Roboto/
63 KB
64 KB
Font
General
Full URL
https://www.picuki.com/app/assets/fonts/Roboto/Roboto-Bold.woff2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/app/assets/css/style.css?v=1679528278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed

Request headers

Referer
https://www.picuki.com/app/assets/css/style.css?v=1679528278
Origin
https://www.picuki.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:57:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2171
etag
"fd24-597dbabe38540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCkvbv0xAT9BDa1Jqh6bNwhQp6ovDLlkSGhUCO%2BRTNlgYTus2P26wBSXIjkDM%2FyQBVL0ZyzHMTDXFYuBkujkwaY2TNip37gnvRfs4D4mzmYJaSTQ%2FroLVQuZlJyggEGI"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ebb5b6e-FRA
content-length
64804
Roboto-Regular.woff2
www.picuki.com/app/assets/fonts/Roboto/
63 KB
64 KB
Font
General
Full URL
https://www.picuki.com/app/assets/fonts/Roboto/Roboto-Regular.woff2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/app/assets/css/style.css?v=1679528278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659

Request headers

Referer
https://www.picuki.com/app/assets/css/style.css?v=1679528278
Origin
https://www.picuki.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:57:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
176
etag
"fcf0-597dbac3f12c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImCkGKcALPrchvRSbU0zY%2BkmsrU2mDeqEANO7AO2qb9mqp0B1g8hGtrSwR1deq%2B9hhk6mTFT2pQJC0VqDW6SVdVFVjpxtLcdDgv%2B8tzvTP%2FyXUqTtG%2FBrmmElbXTENUY"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244009ebc5b6e-FRA
content-length
64752
Flaticon.woff2
www.picuki.com/app/assets/fonts/flat-comments/
680 B
1014 B
Font
General
Full URL
https://www.picuki.com/app/assets/fonts/flat-comments/Flaticon.woff2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/app/assets/fonts/flat-comments/flaticon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d454836811751ba1e4aab9a00ef8a5655eb2d7989ab14ca4ba199704ae11e25

Request headers

Referer
https://www.picuki.com/app/assets/fonts/flat-comments/flaticon.css
Origin
https://www.picuki.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
663
etag
"2a8-597dbaafea380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHC1nibdL%2F0G79Oof%2B3DNCbqMuZUCEXTKjJDJhpg8%2BPLIc2wGt89Dx5%2BbnuB4sP%2FuTM9gTPrGqkqesNhXG8Tn7AcdUBngGzbN3JVNYGebRMHy%2BSPTFVST96SFjcMIwXp"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac24400aecd5b6e-FRA
content-length
680
Flaticon.woff
www.picuki.com/app/assets/fonts/flaticon/
24 KB
24 KB
Font
General
Full URL
https://www.picuki.com/app/assets/fonts/flaticon/Flaticon.woff
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/app/assets/fonts/flaticon/flaticon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b43c2c0ec666e5e81b56e2ac9e26a39b81717530a813f7b25e2a23e6617d10

Request headers

Referer
https://www.picuki.com/app/assets/fonts/flaticon/flaticon.css
Origin
https://www.picuki.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Nov 2019 13:56:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
52
etag
W/"5fbc-597dbab4aeec0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khmP%2BtCC%2FQq8eXxAnxXoesNhjM3FJFJnGFht%2BZxZTk5qw00CEgnHRHvq%2F1ONHHpJpUrjBQKON%2BXSipqhORfVe6yff%2B%2Ffsw%2BIRw7bFiGE%2B6GkVKAgoLrxXm1uz2Gtz5UP"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
7ac24400eefd5b6e-FRA
bg.jpg
www.picuki.com/app/assets/images/
105 KB
106 KB
Image
General
Full URL
https://www.picuki.com/app/assets/images/bg.jpg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/app/assets/css/style.css?v=1679528278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef1c4a46034a481f647cd7d8a6f9693d05224c6881c327e7a89a65a2ed5ee36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/app/assets/css/style.css?v=1679528278
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18157276
content-length
107553
cf-bgj
h2pri
last-modified
Mon, 09 Dec 2019 13:02:51 GMT
server
cloudflare
etag
"5dee45fb-1a421"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHDUIkC8DTqPBa1nU%2F4P1UtKlNLf24sKGPofQZoVIERKIOAncSMqD89Fwt%2F4nefthihrzIyAJ8XCdZSxgpn3uhosc8kPJvCgeaqqshBk3Lhf8vTXQTLlAYKgiUg%2BirEw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7ac24400ef015b6e-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=51765
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5cad1cdf2197eb6d/
2 KB
738 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5cad1cdf2197eb6d/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
060a9d52fbe3f47cfe149e43092a02529b993610f5cc55a2c216254f748436c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
etag
-883847325--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=35, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
562
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=641b9157861e989b&bkl=0&bl=1&pdt=150&sid=641b9157861e989b&pub=ra-5cad1cdf2197eb6d&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.picuki.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1679528279345&jsl=1&uvs=641b91579079ecdb000&skipb=1&callback=addthis.cbs.jsonp__95645286034190490
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1fba9ece83b16906da79bed1373a3997e1af80e1f96f03ebacd60ee60614350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2D86
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7777
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Wed, 22 Mar 2023 23:37:59 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
invisible.js
www.picuki.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 2D08
26 KB
13 KB
Script
General
Full URL
https://www.picuki.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679515200
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e40336c0a18f9be845a21f3876f7023231e18d3f9fa18a093614dca8b78bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGNtSKOPJJxqwGK9nIGTUFg8oPFOtG%2Fs92Gv%2BEyQ0KKTa5K5y7EpNEQepOd0DJOCHpB5iyAkdh6bdSOniDelIO5B0fmnrFpC6fwcDFSpkmVNcZeglz3aU1GBtElJEp0l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7ac24401ffe65b6e-FRA
js
www.googletagmanager.com/gtag/
218 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9ZR5E8BN1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153071106-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a6ac5ebd6cb695776cb3abeb8af1db4364b8ca9402feaf2ed97af1e742b8c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78196
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Mar 2023 23:37:59 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153071106-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Mar 2023 22:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5568
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 00:05:11 GMT
pubads_impl_2023031601.js
securepubads.g.doubleclick.net/gpt/
396 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 07:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136618
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 08:37:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Mar 2024 07:54:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
2 KB
563 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.picuki.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e326a51e4c8aa04d2f2e2e7ced1b4c71da954a5764f4203efae15534507618e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
538
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:37:59 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 22 Mar 2023 23:37:59 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
pica.js
www.picuki.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 2D08
7 KB
4 KB
Other
General
Full URL
https://www.picuki.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ebea04f22fb16479e8c51405f234f8e0d07798bb1546f4863f6f2ccb0c5bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsCyo4kLG5Mk76%2FcHqt9p0gRudPHSnonxxlrXRUvi4AkU8zFkpsucJabp2%2Btf4RQupyPHSuhkur4suPE33KnB4bKOLoXWuwv8TjwvH1Yu5gzv4utW3u8BCHCp%2FE0Kajt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7ac24402682b5b6e-FRA
195.461912c47007775093ae.js
s7.addthis.com/static/
384 B
538 B
Script
General
Full URL
https://s7.addthis.com/static/195.461912c47007775093ae.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 22 Mar 2023 23:37:59 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-180"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
298
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D9ZR5E8BN1&gtm=45je33k0&_p=798052299&cid=872619755.1679528280&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679528279&sct=1&seg=0&dl=https%3A%2F%2Fwww.picuki.com%2F&dt=Instagram%20editor%20and%20viewer%20-%20Picuki.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9ZR5E8BN1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7ac243fd0ce95b6e
www.picuki.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2D08
2 B
546 B
XHR
General
Full URL
https://www.picuki.com/cdn-cgi/challenge-platform/h/g/cv/result/7ac243fd0ce95b6e
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679515200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7ac2440489465b6e-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0zrDYpSjgp565QuWwGDFA7H2bf72XNQCA4wt6I%2BY3bmOHBdms6bXm%2BFQqGs5TA8ZtGEy%2BWZJc8XyUEZrNSRLBenXsQAz7bEq0xwfhdlG2VDgBR3uqTBDyiUv%2BZCiprz"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.picuki.com%2F&domain=www.picuki.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.picuki.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 22 Mar 2023 23:37:59 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
519696
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
op.js
tagan.adlightning.com/setupad/
42 KB
17 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bf7576d155b49c73dcb858285969152fbab808c1643bbed3ec596310b550c91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
qnFA2OxHifB9hyj5NgBlNGvjxfkMMZBb
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
date
Wed, 22 Mar 2023 22:42:09 GMT
x-amz-cf-pop
FRA60-P4
age
3351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16886
x-amz-meta-git_commit
e5e97ea
last-modified
Wed, 22 Mar 2023 14:41:52 GMT
server
AmazonS3
etag
"1eca3ab701b49daa220c5c854eb5869c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9mzrEzyudFN2og7N8lCCNQXQxhdQyDULTew0C11ePOrWd0UOSG4vZw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230322
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f15b248094422f252d5b490dc4bd3a367901f3d8c889584b36cfbf4f31d513f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27432
x-jsd-version
1.0.1654
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1672-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"63e-tspIEr5gWeUCH+LekRvjFVv9G08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNJEcSthMupfYaRdcgyPSyGftsrzAkVskgbV82IN3rsuCNeBrOJahuW4FF9EI3b%2F0Mh8JwbSC7mqHZpL25AJuh%2BPJHNjZ03SrENWKEijxcG26sRTIkwhxR0sBEVDBq%2FJAhWzh9Lu%2Bnzb4sT%2FeMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ac24404d8809180-FRA
localstore.js
script.4dex.io/
483 B
1018 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 23:37:59 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
221353
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cYclVWkwIxghX%2F5kMY1tI8LGDdN6L2RwhJ6ixtHN0M0NZtSDzQA5PwwpjHj8wMEtyLPOlZva%2BFj3aZqt94ShhGXInJhgyoPmuworP3bD1XS5ogky%2FLHNmjWTXTMpoPUrOVRTSVsLsyTmpUp"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7ac2440509e803e0-FRA
481.json
id5-sync.com/g/v2/
216 B
624 B
XHR
General
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
4c251997d57e44ce82f171033958a347b53b824f4637db8dea44c6f7919862fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.picuki.com%2F&domain=www.picuki.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=k7s_nnxaNitiemVtay9XalY2amw4YTF0citPRkJDWkgzTkF6RXhBWU5SWlB0OCtZM0s4Um1vYm5jZkxodjdLWXVJR0tqeTYwaVZaTm9jSTNXZ0hyMmIwN2lyWGE4UXkvT1FYUW1HeHNKN0tmM1picHNHMkpCZXhHNDNXME...
354 B
663 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=k7s_nnxaNitiemVtay9XalY2amw4YTF0citPRkJDWkgzTkF6RXhBWU5SWlB0OCtZM0s4Um1vYm5jZkxodjdLWXVJR0tqeTYwaVZaTm9jSTNXZ0hyMmIwN2lyWGE4UXkvT1FYUW1HeHNKN0tmM1picHNHMkpCZXhHNDNXMEk5ZythTUdYeldGbUZsSlRrNW9xTlZGbXFNTkZyYzZyTDBKYW1DMm10blhWL1FSQUtLelZDT3FDWFhPeldrSXFoVnl5ODR1bzBKOE9xZjdBUUg3YVBpK0hpdVVjUE9wQWRSbGdTSlQ3d0h6QTRnZTc1ZFVVPXw&cppv=2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3d74b859c3b93a7b1a3282101b74b921e4221c3f2194a64060a6feac81d70b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1170677
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=k7s_nnxaNitiemVtay9XalY2amw4YTF0citPRkJDWkgzTkF6RXhBWU5SWlB0OCtZM0s4Um1vYm5jZkxodjdLWXVJR0tqeTYwaVZaTm9jSTNXZ0hyMmIwN2lyWGE4UXkvT1FYUW1HeHNKN0tmM1picHNHMkpCZXhHNDNXMEk5ZythTUdYeldGbUZsSlRrNW9xTlZGbXFNTkZyYzZyTDBKYW1DMm10blhWL1FSQUtLelZDT3FDWFhPeldrSXFoVnl5ODR1bzBKOE9xZjdBUUg3YVBpK0hpdVVjUE9wQWRSbGdTSlQ3d0h6QTRnZTc1ZFVVPXw&cppv=2
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
633454
content-length
0
expires
0
cookie_sync
prebid-stag.setupad.net/
42 B
553 B
XHR
General
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8V9ENTm4wgQhuvRQUEZbIt6IwhXJ03%2FM6IlArRt2l%2FuUidHoMwpZdQkoWiAKyYUHG3XSyYEd9n0Pmb9N3PVjuuHms3tjP7%2FLAglaAQLhzElcr1PvmDve2rvIARjetERFuPHyDN1EbRP"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244051baf0476-FRA
content-length
42
expires
0
auction
prebid-stag.setupad.net/openrtb2/
6 KB
3 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d6440eaa7eda5364c4c7b8ce88fd73bffc0ba7edbbd40a98f0d03b6c63e747

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W5yJPw%2FYwUWo7%2BPfC5BxRueDA6PsnttZ1FxvtqzhJZb%2FXb%2FviJRx5Ys2lKUKHKYB%2FzC%2BTgcsRoWJ0OLh3vVlitUC2EoL8hLsLyXhcD6HbTyGjRMnxK3oVar1xXs3US33pcVTYQi4QQO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244051bb00476-FRA
expires
0
translator
hbopenbid.pubmatic.com/
5 KB
5 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
486cff0c11037d55d460665863bf35222b1beeaf4f1a463c831fa46f042d6bb2

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
mvo
tag.1rx.io/rmp/247379/0/
0
161 B
XHR
General
Full URL
https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.picuki.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
tlx.3lift.com/header/
19 B
506 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.6.0&referrer=https%3A%2F%2Fwww.picuki.com%2F&tmax=1000
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:00 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
9e16db4f2a59fc2f08c254fd4a9ac7502071c581af82f1bd7e5371c7705d8da2

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Mar 2023 23:37:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.picuki.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
cdb
bidder.criteo.com/
18 B
311 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=59680786314
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/
118 B
584 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d489a1bf99c154a5e43e0756801e05a974e65f192e3a8e70c975a26f5a8e223

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 22 Mar 2023 23:37:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-2hrmw, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244053d7d39e8-FRA
expires
0
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
182 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
prebid-stag.setupad.net/openrtb2/
5 KB
3 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82aeed7c5b6132d40c31a3c5d547e3259bd25d96820b1a863785da2289f78fc

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFed9sEekRmnB0IQZzIXyK9wHy5XLrzmolCFKFO0iipsxWJEuomtgEsidesqpMgmev5cNk4vgCbjYwN%2BW6Bd7R0zpZAu7o86AuGgH8KdhxOO0ixxAb3HHYTv1BifmOIQrRCJ7w3mqPBn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244051bb10476-FRA
expires
0
translator
hbopenbid.pubmatic.com/
5 KB
5 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b04b973a6b9c5fc2325b151e767f262deab0bbd4e8c87caaabb0419a125063ca

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
mvo
tag.1rx.io/rmp/247379/0/
0
162 B
XHR
General
Full URL
https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/
18 B
311 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=87054252890
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
tlx.3lift.com/header/
19 B
506 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.6.0&referrer=https%3A%2F%2Fwww.picuki.com%2F&tmax=1000
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/
0
327 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/
118 B
264 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc5d0fecb447bacc1f3f06ce47e111a057958955cf8ede38e404ea17e1578b1

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 22 Mar 2023 23:37:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-vuakf, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244053d7e39e8-FRA
expires
0
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.picuki.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8eab781381613af4f57c3d9055b21f3ab327a9b5c4db46c3842b5dcd52b62f10

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Mar 2023 23:37:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.picuki.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
auction
prebid-stag.setupad.net/openrtb2/
5 KB
3 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7663e58e7d862654c5c1dfda8450e4aefe0cf4c7877b6395d4c7429fd30e8bf4

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaaEi5UQFPF6UyoBI42yAD9UUIpTBgwfDcy90gBXhdAnvJeFEzYpP2X2p0ZOlbB17hlnzxdNWeFuNgtHsVLkrIzY9iYVCLHwPa6Dy19PoyLRehsiQT2jfjZFnO9jUaQZanxyMfg0lwZt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244051bb80476-FRA
expires
0
prebid
mp.4dex.io/
118 B
263 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1e913b78112623c2ef119fdd078a2f6f8fe8e9700e895576934cfd0208e79a

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 22 Mar 2023 23:37:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-2i3zfk, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244053d7f39e8-FRA
expires
0
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
177 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
mvo
tag.1rx.io/rmp/247379/0/
0
161 B
XHR
General
Full URL
https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/
18 B
312 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=79894250987
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/
5 KB
5 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b3629dc07b8f31020ea260cb8a39c22c1ada03e66ebbb852bb5130ffab3d6a1c

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.picuki.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
tlx.3lift.com/header/
19 B
507 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.6.0&referrer=https%3A%2F%2Fwww.picuki.com%2F&tmax=1000
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
rtb.adxpremium.services/openrtb2/
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
5d642ca2e7830ea9c669fcca0622795b67adf4f27567724869a1ca6daf3d0184

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Mar 2023 23:37:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.picuki.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
c
prebid.a-mo.net/a/
0
182 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
prebid-stag.setupad.net/openrtb2/
42 KB
11 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bafd2b1feab93e19b15dd831bfe1cc4c8181c780bbdc090aee02ffe3a500197

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkAyi4S1JtKfjH3Gp2Bc4%2B%2FRvx8hq49xZTJ6mwCTnELIU0flIQ8m%2Fm3TA3AsK2s%2F%2BwFkl%2FcWswjuvN%2FBPkjg01v7r%2FQoOJXymI8n1hIvpLWrcyg7hYUPlViv7cz%2Bc7lHsRA7q9AuV48U"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244054bc80476-FRA
expires
0
auction
rtb.adxpremium.services/openrtb2/
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c079c3c66c3fb4e3c7feb0f039e3547dd82f8216d880aca1024c558ec52211ed

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Mar 2023 23:37:59 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.picuki.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.picuki.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
562 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
562 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/
118 B
614 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb41b821987d17c2eeeaa874a757a1deae423cb1981f2334ce181ab6018ab13

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 22 Mar 2023 23:37:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_1200x300_1, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_1200x300_2, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_1200x300_3, Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: picuki.com_728x90_anchor, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: picuki_com_336x600_sticky_sidebar_desktop_1, Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-2hrmw, Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-vuakf, Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: stpd-2i3zfk, Process Seats Booster. unable to get the seat booster engine for organization: 1053
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ac244055d9739e8-FRA
expires
0
translator
hbopenbid.pubmatic.com/
35 KB
35 KB
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3621482d3a2dbb039f5f61cfe06ba73f0ae2aacefc3f05813257fa5ce2069962

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-type
application/json
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
tlx.3lift.com/header/
29 KB
9 KB
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.6.0&referrer=https%3A%2F%2Fwww.picuki.com%2F&tmax=1000
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0b3151e785d02ba7d67b3c8227c283a9e8b2ded26152a1d4fda1d1dc68fd26a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
9076
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
mvo
tag.1rx.io/rmp/247379/0/
0
161 B
XHR
General
Full URL
https://tag.1rx.io/rmp/247379/0/mvo?z=1r&hbv=6.6,2.1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
185 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
server
envoy
vary
origin, Accept-Encoding
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.153.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-153-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.picuki.com
date
Wed, 22 Mar 2023 23:37:59 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/
18 B
311 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=19760420793
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Mar 2023 23:37:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.picuki.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=798052299&t=pageview&_s=1&dl=https%3A%2F%2Fwww.picuki.com%2F&ul=en-us&de=UTF-8&dt=Instagram%20editor%20and%20viewer%20-%20Picuki.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=897115832&gjid=336570019&cid=872619755.1679528280&tid=UA-153071106-1&_gid=2124736237.1679528280&_r=1&gtm=457e33k0&z=1724758857
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:37:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=k7s_nnxaNitiemVtay9XalY2amw4YTF0citPRkJDWkgzTkF6RXhBWU5SWlB0OCtZM0s4Um1vYm5jZkxodjdLWXVJR0tqeTYwaVZaTm9jSTNXZ0hyMmIwN2lyWGE4UXkvT1FYUW1HeHNKN0tmM1picHNHMkpCZXhHNDNXMEk5ZythTUdYeldGbUZsSlRrNW9xTlZGbXFNTkZyYzZyTDBKYW1DMm10blhWL1FSQUtLelZDT3FDWFhPeldrSXFoVnl5ODR1bzBKOE9xZjdBUUg3YVBpK0hpdVVjUE9wQWRSbGdTSlQ3d0h6QTRnZTc1ZFVVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 22 Mar 2023 23:37:59 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
417820
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
b-e5e97ea-2c27eb81.js
tagan.adlightning.com/setupad/
90 KB
33 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6dd1896697508ea1cc1c6ca540a793f0fe81dcb672ea9d142eec2bdeec9af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 09:07:21 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id
.AOVBOUQY.N4a8v3h8HNEvE27voN2L4C
x-amz-cf-pop
FRA60-P4
age
52240
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33688
x-amz-meta-git_commit
e5e97ea
last-modified
Mon, 13 Mar 2023 16:10:51 GMT
server
AmazonS3
etag
"783066d38b6a9de79188b85b96729ae6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
edVNbLGgJkDA_0XiPOFZPhykO8fCfIUPpURdTlWHhutrZHh4D52RpQ==
bl-6efaaf7-b0de7e4a.js
tagan.adlightning.com/setupad/
35 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/bl-6efaaf7-b0de7e4a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20fa5cec446521721147c056fe9d60348994dfc7d5f5606469f7555d75be80c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 14:41:54 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id
LJn_U1khnz3x8zjPE9iB_7vKzinCPk6D
x-amz-cf-pop
FRA60-P4
age
32167
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15513
x-amz-meta-git_commit
6efaaf7
last-modified
Wed, 22 Mar 2023 14:41:29 GMT
server
AmazonS3
etag
"18eaaf9275767ddd39c2380abcfc3cf5"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
O0fEh7EJhrhhfptlX9YWaH4coG7F_AVlrWwlDbFXHiz6jWUOaB2NeA==
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.picuki.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.picuki.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
690 B
393 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3343492961150122&correlator=4393865729402356&eid=31072020%2C31073284%2C31073291%2C31073318%2C44785728%2C31068826&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=22763003210%2Cpicuki.com_300x250_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4204841680&didk=2591280642&sfv=1-0-40&prev_scp=hb_rf%3D0&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g&sc=1&cookie_enabled=1&abxe=1&dt=1679528280230&lmt=1679528280&dlt=1679528278682&idt=1092&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.picuki.com%2F&frm=20&vis=1&psz=1200x0&msz=0x0&fws=132&ohw=1200&ga_vid=872619755.1679528280&ga_sid=1679528280&ga_hid=798052299&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95342346629d7782d976bf75fa34906fb0fd0569e0a4c3bb36eedf4bd370b755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
254b5bdb058f039551152afc776be7c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B74B
6 KB
3 KB
Document
General
Full URL
https://254b5bdb058f039551152afc776be7c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 23:38:00 GMT
expires
Thu, 21 Mar 2024 23:38:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
545 B
301 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3343492961150122&correlator=1446082657140972&eid=31072020%2C31073284%2C31073291%2C31073318%2C44785728%2C31068826&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=22763003210%2Cpicuki.com_300x250_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2850989483&didk=2851324472&sfv=1-0-40&prev_scp=hb_rf%3D0&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g&sc=1&cookie_enabled=1&abxe=1&dt=1679528280260&lmt=1679528280&dlt=1679528278682&idt=1092&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.picuki.com%2F&frm=20&vis=1&psz=1200x0&msz=0x0&fws=132&ohw=1200&ga_vid=872619755.1679528280&ga_sid=1679528280&ga_hid=798052299&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
018b0b4214fd5ab82a6742f40a1bb8645463e66c0f0a23a65d5a453596bedea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
545 B
313 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3343492961150122&correlator=3988705024804071&eid=31072020%2C31073284%2C31073291%2C31073318%2C44785728%2C31068826&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=22763003210%2Cpicuki.com_300x250_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3901804584&didk=3216657157&sfv=1-0-40&prev_scp=hb_rf%3D0&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g&sc=1&cookie_enabled=1&abxe=1&dt=1679528280279&lmt=1679528280&dlt=1679528278682&idt=1092&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.picuki.com%2F&frm=20&vis=1&psz=1152x0&msz=0x0&fws=132&ohw=1152&ga_vid=872619755.1679528280&ga_sid=1679528280&ga_hid=798052299&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c0ef66f614cd603094c2f401196c06be3a119d1219e872c44548f7da030f396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/
74 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 23:38:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
400175
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQSPOFDDtvYb%2B%2F4YgFZZdtZPtAVP8Uz45BN2DJbbKLEbavRNgRYjVI5scoyekDPJPFLf%2Fo%2FxjoX%2FhOdhEyqwnoPq1D8de7aUM7JsdNUS5CYAvrAQOsU0OF%2FLQkc0%2F%2FKELxFGene6ya6N79ZN"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7ac24407e8709bbf-FRA
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f64bc87e5639e957bad1eb1210185fcad42c1354f9f602ea52fef1f282886ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11065
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Mar 2023 23:38:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.picuki.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.picuki.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
83 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3343492961150122&correlator=335683110330151&eid=31072020%2C31073284%2C31073291%2C31073318%2C44785728%2C31068826%2C676982996&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=22763003210%2Cpicuki.com_1200x300_desktop_1%2Cpicuki.com_728x90_anchor_desktop_3%2Cpicuki.com_336x600_sticky_sidebar_desktop_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x250%7C728x90%7C970x90%7C1300x300%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C728x100%7C728x250%2C970x250%7C728x90%7C970x90%7C1300x300%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C728x100%7C728x250%2C970x250%7C728x90%7C970x90%7C1300x300%7C980x300%7C1200x200%7C1100x200%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C728x100%7C728x250%2C970x90%7C728x90%7C970x50%7C960x90%7C950x90%2C300x600%7C336x600%7C160x600%7C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%7C320x336&ifi=4&adks=2785966052%2C2785966053%2C2785966054%2C401243216%2C2359949449&didk=3162251899~3162251896~3162251897~975260230~1062014315&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.07%26hb_adid%3D256d241c370a724%26hb_bidder%3Dtriplelift%7Chb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D250916070cf6b376%26hb_bidder%3DpubmaticS2S%7Chb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D25186ba23d80d828%26hb_bidder%3DpubmaticS2S%7Chb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D255a0a518bbbb5db%26hb_bidder%3DpubmaticS2S%7C&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&sc=1&cookie=ID%3Db9cbfcf34bcb2d5a%3AT%3D1679528280%3AS%3DALNI_MboHyQaDHz5VaMDOy3MZcyiZrhWtw&gpic=UID%3D00000bcaf32acdb7%3AT%3D1679528280%3ART%3D1679528280%3AS%3DALNI_Ma3SpW67phvWYufIX0UI3UDIjw2AQ&abxe=1&dt=1679528280776&lmt=1679528280&dlt=1679528278682&idt=1092&adxs=200%2C224%2C200%2C315%2C-9&adys=143%2C536%2C1585%2C1110%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0%7C-1&ucis=4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.picuki.com%2F&frm=20&vis=1&psz=1200x0%7C1152x0%7C1200x0%7C1600x-1%7C0x-1&msz=1200x0%7C1152x0%7C1200x0%7C970x-1%7C0x-1&fws=4%2C4%2C4%2C512%2C2&ohw=1200%2C1152%2C1200%2C0%2C0&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=872619755.1679528280&ga_sid=1679528280&ga_hid=798052299&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
074cd897ac4a2874f091dd1ef85b1259fc8808734d54055d0f0c640058cfe5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13147
x-xss-protection
0
google-lineitem-id
6181562819,6181562813,6181562813,6181562813,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417123958,138417123298,138417123991,138417123898,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.picuki.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEA3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 13:21:08 GMT
expires
Thu, 21 Mar 2024 13:21:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3043
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fff27cb185a139aa502468d8a3598efe8a9ea87135478304bf08191f99841b02
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6ef-82VgAKZfIksmYEV8-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6ef-82VgAKZfIksmYEV8-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 23:38:00 GMT
expires
Wed, 22 Mar 2023 23:38:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 23:38:00 GMT
t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
pagead2.googlesyndication.com/bg/ Frame CEA3
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 16:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
113372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14115
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 16:08:28 GMT
b-e5e97ea-2c27eb81.js
tagan.adlightning.com/setupad/ Frame 0EA7
90 KB
33 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6dd1896697508ea1cc1c6ca540a793f0fe81dcb672ea9d142eec2bdeec9af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 09:07:21 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id
.AOVBOUQY.N4a8v3h8HNEvE27voN2L4C
x-amz-cf-pop
FRA60-P4
age
52241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33688
x-amz-meta-git_commit
e5e97ea
last-modified
Mon, 13 Mar 2023 16:10:51 GMT
server
AmazonS3
etag
"783066d38b6a9de79188b85b96729ae6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NaunhkS-fZbYBP-eWXVX9y4FcP5dFb5md3mZNIhqcnys6zwINNL7tw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0EA7
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 23:38:01 GMT
b-e5e97ea-2c27eb81.js
tagan.adlightning.com/setupad/ Frame 8AD5
90 KB
33 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6dd1896697508ea1cc1c6ca540a793f0fe81dcb672ea9d142eec2bdeec9af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 09:07:21 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id
.AOVBOUQY.N4a8v3h8HNEvE27voN2L4C
x-amz-cf-pop
FRA60-P4
age
52241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33688
x-amz-meta-git_commit
e5e97ea
last-modified
Mon, 13 Mar 2023 16:10:51 GMT
server
AmazonS3
etag
"783066d38b6a9de79188b85b96729ae6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
48LTMDA2x2wHfuCxx5BUXJzVRB5Z_s1YNsq3fSXBg17ruuhZRLZLOA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8AD5
158 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 23:38:01 GMT
b-e5e97ea-2c27eb81.js
tagan.adlightning.com/setupad/ Frame 0525
90 KB
33 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6dd1896697508ea1cc1c6ca540a793f0fe81dcb672ea9d142eec2bdeec9af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 09:07:21 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id
.AOVBOUQY.N4a8v3h8HNEvE27voN2L4C
x-amz-cf-pop
FRA60-P4
age
52241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33688
x-amz-meta-git_commit
e5e97ea
last-modified
Mon, 13 Mar 2023 16:10:51 GMT
server
AmazonS3
etag
"783066d38b6a9de79188b85b96729ae6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-vAW9z_cD5R4I109T3_t0kPzCvmeTdotRPwLBcXeNIRhimkuWSiJQQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0525
158 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 23:38:01 GMT
node.php
node.setupad.com/node/
0
209 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
node.php
node.setupad.com/node/
0
208 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
node.php
node.setupad.com/node/
0
208 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
b-e5e97ea-2c27eb81.js
tagan.adlightning.com/setupad/ Frame E7CD
90 KB
33 KB
Script
General
Full URL
https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6dd1896697508ea1cc1c6ca540a793f0fe81dcb672ea9d142eec2bdeec9af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 09:07:21 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id
.AOVBOUQY.N4a8v3h8HNEvE27voN2L4C
x-amz-cf-pop
FRA60-P4
age
52241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33688
x-amz-meta-git_commit
e5e97ea
last-modified
Mon, 13 Mar 2023 16:10:51 GMT
server
AmazonS3
etag
"783066d38b6a9de79188b85b96729ae6"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aA9cmp0yaTEEVZB9CDyZWKZCVSzYMOLxBc4cO5OoM7ZRFNljqtwaCQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E7CD
158 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 23:38:01 GMT
node.php
node.setupad.com/node/
0
208 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 0EA7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvItv3Ge4IDjpJm-FWdrHmcuwSTZYa183GQm4wIiUXwZyI2KL6cK8kg64Bevg-5QQFcSanY-sgm6Pc8j1lK6XBcWSp9etyJYiRPUAmrrdJRKIr4kWowaJam-Z6FPuVfqDKIXZSMaRv7KYr4Awl-sr-S7nsEK7fjzcGkZ-9mzH1ZbCBf2OfePcTKnw4tWe8rgyeGE7nHzTjbNTtNmfTpTZbjYxjTGhSthE4ksBITPUpNSvOHLb3HwfJhZ2N9dBg5TKU46UXlOsf5WccuuxMtP4qL124EILWMSDhNyxPl_KlpRXKK-f_-wSTiMUwHYozddn1-d5dvr1OZDo2vcexz6x7WTh89OYD9&sai=AMfl-YQmSBykE75vLeiz9EQhJp9ArgDTa3CbgjVbgoTwdE3gi8djnEQydTc6mDacT3TcIgV0pmi-mEwfbMNGE8torAY5UgaULWCXPRqL_IEi2s1KjXWmavBQEfEnrsgAZNA&sig=Cg0ArKJSzFafj1Y7ZXk5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ttj
ib.3lift.com/ Frame 0EA7
16 KB
5 KB
Script
General
Full URL
https://ib.3lift.com/ttj?inv_code=SETUPAD_RON_970x250_Prebid&tid=215
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-84.fra60.r.cloudfront.net
Software
/
Resource Hash
074e1f0a26378aa8047fe458504058d9e1c3c4775cb57790822abb70af2a18dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:26:25 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
727
etag
"48c096043320370748fff96f6ba905b0b196ea7b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-length
5035
x-amz-cf-id
mJHCnQlqSkyur4GhwmmCE4NBrMcr14v3XUrTww3A8_2_BqKRSurlNw==
notify
tlx.3lift.com/header/ Frame 0EA7
37 B
220 B
Image
General
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.0723&ts=1679528279&aid=2018735542396918170290&ec=7354_111799_61989835&n=GgDyAsIBCAASFjIwMTg3MzU1NDIzOTY5MTgxNzAyOTAYACABKLo5MLfpBkABSAFQAWAKaABwl8MGkAEAmAEAqAEAuAEFwAGcAcgBwQHwAdcB%2BAHBAYACnAGRAgAAAAAAAPA%2FmQJSuB6F61HIP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4ApA3gAPYBYgDWpADAJgDAKADALgD1KIGyAMA0gMINjE5ODk4MzXgA4LF7T7pAwAAAAAAAAAA8APBAfkDAAAAAAAAAAD4AgyIAwCSAwRBRDIwmAMAoAP9%2FhWoAwA%3D
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:01 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8AD5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL5CFfYOjfxTItP5HOx0MviEvwsY3I4bk2N_v1Q1ucN1FdLsYjaPb3sEmzvalNYiEUVgSifyiVS8hjEK6dWo1pyizw4hXHD_OiZweBgeddBSohCloEkiKmb9bidSNa5eY9hjnWx0dczMMNWB-H60_BJw5PoezEjX8YOwmo-zuZnuaHY5ehIOZdGnsaqXxWN-hcKVG4BrrUSRBuQbp9WAu6Z5fFwL1N_-5Dosx_bOYG51_dufAU2YEN5G8CH1pT7QMN6IvB2ZvP8BKnqVpUAXaSsIVG4VFaSMbl-7GNt10jxk6Z8D-Evrp769TorDXGjd9vmOqsO4qWqt-dT67tbJ4fpWU8Zv1p&sai=AMfl-YS2YcRDxgIJKHTm3Ch41ar4VFpW--_OeBxXL9_Fxpx0wfdLtgq_u5rPkvrv5gb14YVkOd6g300fg2Pmxye7_eCXnXK0K0VaVZxL3GSrdOTe16_MKAl2kVIvzTNchu8&sig=Cg0ArKJSzIvP9Hb_COqdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ipromNS.js
cdn.ipromcloud.com/ Frame 8AD5
62 KB
19 KB
Script
General
Full URL
https://cdn.ipromcloud.com/ipromNS.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
addcde93d707ccea300c55822ceaef078c181ae0f7557eb1965e9016fc16cfbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
1965
cf-polished
origSize=63851
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Tue, 14 Mar 2023 13:02:56 GMT
server
cloudflare
etag
W/"64107080-f96b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ac244120ffc910a-FRA
showad.js
ads.pubmatic.com/AdServer/js/ Frame D299
39 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23732
content-encoding
gzip
content-length
14445
content-type
text/html
date
Wed, 22 Mar 2023 23:38:01 GMT
expires
Thu, 23 Mar 2023 06:13:33 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame FFCA
0
91 B
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=748569&adId=3125413&imprId=6D7053AF-3469-4A86-8853-8431F336BA99&cksum=A89022CB6F11E6FC&adType=10&adServerId=243&kefact=0.092369&kaxefact=0.092369&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1679528279&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.131956&dcId=3&tldId=0&passback=0&svr=BID22615U&adsver=_2255257266&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=V5EbZMsCDwAg6k0P7MovqP8zajl9pmtn0F-lWmUD0CoR2arH&ekaxefact=V5EbZNkCDwA6z7OziAhs5BszTAk93Ajn4bna2LfiPV9R3BZ9&ekpbmtpfact=V5EbZOUCDwD-MwiwY1GVMcpROq8NfTxsTazWAlr7O9JuK8N4&enpp=V5EbZPECDwAH6CsAbOJ9rC40sJr6J-rQxNPmxdzjFp3dFFPR&pfi=1&domId=305040806987421129&dc=AMS&crID=1050892&lpu=www.inotherm-tuer.de&ucrid=2785267993821263654&campaignId=23357&creativeId=0&pctr=0.000000&wDSPByrId=42901&wDspId=1277&wbId=2&wrId=0&wAdvID=1490501&wDspCampId=185767&isRTB=1&rtbId=84E00637-E92A-4855-B69E-4C7479C755E7&ver=6&dateHr=2023032223&oid=6D7053AF-3469-4A86-8853-8431F336BA99&cntryId=58&domain=picuki.com&sec=1&pAuSt=2&wops=0&sURL=picuki.com&BrID=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 22 Mar 2023 23:38:00 GMT
expires
0
pragma
no-cache
syncframe
gum.criteo.com/ Frame 53B6
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.picuki.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 23:38:01 GMT
server
Kestrel
server-processing-duration-in-ticks
704780
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Mar 2023 23:38:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0525
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG4-majIYazehNg21c1wz7pbrIxHRrf1VdwLn0mfnHyz_7dpj2_s7Axm7GjpEvWUKY2zTDDiHs9d1MWcacPjKdpKPH2FqOzEY51paCRd0QOLRB8fAb9vgYqfELrYJrqLMywuXkTXnyZLpjTYpTYD5R9_hQ8o8UsjVWS2e9X-Emj7A4NQ48Yw9LiD4ndvWJCmoVGFz96MVSy73eBGx1y7js_cNUGjCCmTvzLXE-jS5mr7V0G_mWg2aBtkBETLTyAvPRz4Uyu_bGZtIM6LS2ul1rCNv9S6z0oR1gPYEW2fRbpbHP19E0hgNw_sy8Bi09wbuWfjmT94Ff6EJ5hZBuf00zrrUvDljx&sai=AMfl-YTPzQVEGzzNsMUa7M3AL02t5QL4hKi2rpsl31sduQBq8Xa7Zy_vy1CKYuiJ1BwZHJFkrBSv4iLu5JU-RmTYziaEdJVHc97mKR2oLEqeni_64IZd0g2CHskkB_VklHw&sig=Cg0ArKJSzPtX6GyhXkNPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ipromNS.js
cdn.ipromcloud.com/ Frame 0525
62 KB
18 KB
Script
General
Full URL
https://cdn.ipromcloud.com/ipromNS.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
addcde93d707ccea300c55822ceaef078c181ae0f7557eb1965e9016fc16cfbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
1966
cf-polished
origSize=63851
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Tue, 14 Mar 2023 13:02:56 GMT
server
cloudflare
etag
W/"64107080-f96b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ac24412c890910a-FRA
showad.js
ads.pubmatic.com/AdServer/js/ Frame D884
39 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23731
content-encoding
gzip
content-length
14445
content-type
text/html
date
Wed, 22 Mar 2023 23:38:02 GMT
expires
Thu, 23 Mar 2023 06:13:33 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 1092
0
49 B
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=748569&adId=3125413&imprId=C35A6602-53FD-45B1-B3B6-F18A172AD27D&cksum=EA639AA74A94A6C9&adType=10&adServerId=243&kefact=0.092369&kaxefact=0.092369&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1679528279&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.131956&dcId=3&tldId=0&passback=0&svr=BID22448U&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=V5EbZMUDDwBTdPmkvsrm7vqzTUOrVTXvuH8HOARRKQ_mtJm1&ekaxefact=V5EbZNEDDwCu46kZd5wefBPAbNG01S0ETd1ykWgD4RQfr37w&ekpbmtpfact=V5EbZNoDDwBiQPj7p3vW8bYj6N1RgJnYIEAXtzUY0df0G1MR&enpp=V5EbZOMDDwBJhExHPPkWIpFlg1gGr-MQ6aAUWq94HBFaaYHi&pfi=1&domId=305040806987421129&dc=AMS&crID=1050892&lpu=www.inotherm-tuer.de&ucrid=2785267993821263654&campaignId=23357&creativeId=0&pctr=0.000000&wDSPByrId=42901&wDspId=1277&wbId=2&wrId=0&wAdvID=1490501&wDspCampId=185767&isRTB=1&rtbId=3AE2C007-122A-469B-A258-3BF264A737FC&ver=5&dateHr=2023032223&oid=C35A6602-53FD-45B1-B3B6-F18A172AD27D&cntryId=58&domain=picuki.com&sec=1&pAuSt=2&wops=0&sURL=picuki.com&BrID=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 22 Mar 2023 23:38:00 GMT
expires
0
pragma
no-cache
view
securepubads.g.doubleclick.net/pcs/ Frame E7CD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZDRm5zdGo0ok1njFAGFlOVNWIJAPZSIDJ0RzAGx9vPMvWBWSJTZD_kRRbTprPmEo42YRjWl0lmd0hsaHCfHuGEZg0l-IIvhu-uMwfUN_1C8nZh2jLXmF7mm4ogw9vubKHcOV5FqLRsh3h_tBhRvJTCpFUWrKbjvRbj1c5USwgMaZFbOn6R-oFnAPSR3D_z-R_KzYXp3KzzJekZ1DQKCQcLA60LXLejgCZ3IHMma13AcAE8l77ok5SB5crGeyO6n3dcfddBMk_KS3LGhmpSPK_KoTjU-kkSy4WiYyeMOkI5uelaE0tDiPx3ofPyGHZBfhtLCcLBu_PqRPd9sjN6N3iIl129Llvxc1191w&sai=AMfl-YTJMbr7tlsv_ePwFdSAYXuwFw2NflHSz51prQu5p1JfwjiaJS5AC7Q90Ach60s4TrRA3sk9plFYHmGTnrftwUF-1Mw_A4cyxCTViIz6Rj1iTxbLbF0w_WtVhkECtCE&sig=Cg0ArKJSzA0d7Aoo3wxDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FC0F
261 B
457 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYh-mA4wEwAQ&v=APEucNW1LBM8CXjyIiOB_4XHdTrpeRH6-Ykp1VYtbJyv2UURzKsftYKIQM7Z-lInXYqIbbEolfXvyzYgP4rY1utmrGnVfbd_C4WoW46QVBIbf6Z-XkdRgs59Xncnwid97AjUcGXrr8ZcR8dWIVPesuOcdV0Pc8wb0Ie7cxxNnjD8AEFLYjHF29zgyqxd07eT9WQL-NkPmf5g
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 23:38:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E7CD
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 22 Mar 2023 23:38:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7CD
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcSXwqmiw0fmmabTnP57kXjO0xtC-_ii5oP8V40-T44QbkASl49mizpoUAgraEbHD9JsgaDuNN1nbAQOXfPU_2AOeT4h5KsyHuaU9QzwnAXfFJQUw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7CD
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=181057053735362612&x=6&ct=77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame E7CD
16 KB
7 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 23 Mar 2023 00:36:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3043
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031601&jk=3343492961150122&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

truncated
/ Frame 8AD5
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1c3837e971eee6231e1cf1d87ed2290d6507864d2219896a2f8be1b3a4b3492

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0525
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42b917574b00dc2d80d331eedd742aa3affe86a931b55e37de2010c271bc8410

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
bundle.js
ib.3lift.com/rev/beecd2b912f596244487986e4b2211b69d49a59b/dist/ Frame 0EA7
177 KB
57 KB
Script
General
Full URL
https://ib.3lift.com/rev/beecd2b912f596244487986e4b2211b69d49a59b/dist/bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-84.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
377cda39bb732164e6e11ff91a824fc1e536ecad53a9c1d3696f539ffa014a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:02:11 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 18:01:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
20152
etag
"709c6b8fb386813b155ba9b4f45b2b46"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
57817
x-amz-cf-id
LO0yka42_vM8_rNRrxMZbJJTKcaQQgnKA3ceycEHjAeBPSRFpk26GA==
truncated
/ Frame 0EA7
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adfefec9547f03b56e25ee1938a6b960f8dc52a1528dd71ecb7b8cf9aa0ca1c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 53B6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=picuki.com&sn=ChromeSyncframe&so=3&topUrl=www.picuki.com&bundle=kC0m_F9pWENpakZrdWxJQXhBNXZkNmExemh0cEtFaUNWUkdRZGI1YmdSM080dm1uWlZja3ZqNC...
  • https://mug.criteo.com/sid?cpp=LT4kDHw0S1E0d1VqMy85a29sT1B1c1R0Y1BwMnczWVl6TjVmckN2YXhnSDc4c2cxNnRmTTdXR05tQkhCU0VUa0h0L2MrdHBWMWRUa0RLZ2Z0ZEZmNnpoR2RsaURGWVo0d2tWSmdrZ29GNWwwWFRxTzRHUE8zMDA4MEFtcD...
431 B
652 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=LT4kDHw0S1E0d1VqMy85a29sT1B1c1R0Y1BwMnczWVl6TjVmckN2YXhnSDc4c2cxNnRmTTdXR05tQkhCU0VUa0h0L2MrdHBWMWRUa0RLZ2Z0ZEZmNnpoR2RsaURGWVo0d2tWSmdrZ29GNWwwWFRxTzRHUE8zMDA4MEFtcDU2dTVRcHpjTlR1RWpoNGVJcWlabTg4bzM4ZEpDdWYwWDdCL0dPR1QvUDQzcHQ5NkRpKzBOZUE1SXluVjI4RGQrUFl4TjgwVURXWThXMTNkTWlSb0tXQm1MNlpVZll6QnVSWDJHN21JR3MyaWtqQXFzYUdmREliZm5TaTlscVlHUFIrQWx6UVZGWUg2Mmxtd01MY3dWR2phNmhkNCtHUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7ab3e9ed086ba5125079d02de3bbf7d00672003be1097989987d435917f72fe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2095898
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LT4kDHw0S1E0d1VqMy85a29sT1B1c1R0Y1BwMnczWVl6TjVmckN2YXhnSDc4c2cxNnRmTTdXR05tQkhCU0VUa0h0L2MrdHBWMWRUa0RLZ2Z0ZEZmNnpoR2RsaURGWVo0d2tWSmdrZ29GNWwwWFRxTzRHUE8zMDA4MEFtcDU2dTVRcHpjTlR1RWpoNGVJcWlabTg4bzM4ZEpDdWYwWDdCL0dPR1QvUDQzcHQ5NkRpKzBOZUE1SXluVjI4RGQrUFl4TjgwVURXWThXMTNkTWlSb0tXQm1MNlpVZll6QnVSWDJHN21JR3MyaWtqQXFzYUdmREliZm5TaTlscVlHUFIrQWx6UVZGWUg2Mmxtd01MY3dWR2phNmhkNCtHUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
894264
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D299
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46671792&p=156191&s=748569&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fbedc9a20f53c8194d39245860b6c2398395081e4f738a4ed5ea1baf02075aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Mar 2023 23:38:02 GMT
content-length
1254
content-type
text/html; charset=UTF-8
m
ad.yieldlab.net/ Frame FC0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDoEJ6BXw63uTR6Ucwj-LTI&google_cver=1
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDoEJ6BXw63uTR6Ucwj-LTI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYh-mA4wEwAQ&v=APEucNW1LBM8CXjyIiOB_4XHdTrpeRH6-Ykp1VYtbJyv2UURzKsftYKIQM7Z-lInXYqIbbEolfXvyzYgP4rY1utmrGnVfbd_C4WoW46QVBIbf6Z-XkdRgs59Xncnwid97AjUcGXrr8ZcR8dWIVPesuOcdV0Pc8wb0Ie7cxxNnjD8AEFLYjHF29zgyqxd07eT9WQL-NkPmf5g
Protocol
HTTP/1.1
Server
23.45.237.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-237-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Tue, 21 Mar 2023 23:38:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDoEJ6BXw63uTR6Ucwj-LTI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame FC0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEABkgQSh9k56oAN8eSuHFvE&google_cver=1&adform_v=1
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEABkgQSh9k56oAN8eSuHFvE&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYh-mA4wEwAQ&v=APEucNW1LBM8CXjyIiOB_4XHdTrpeRH6-Ykp1VYtbJyv2UURzKsftYKIQM7Z-lInXYqIbbEolfXvyzYgP4rY1utmrGnVfbd_C4WoW46QVBIbf6Z-XkdRgs59Xncnwid97AjUcGXrr8ZcR8dWIVPesuOcdV0Pc8wb0Ie7cxxNnjD8AEFLYjHF29zgyqxd07eT9WQL-NkPmf5g
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
accept-ranges
bytes
etag
"6377990f-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEABkgQSh9k56oAN8eSuHFvE&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Utils.js
cdn.ipromcloud.com/script/ Frame 8AD5
102 KB
36 KB
Script
General
Full URL
https://cdn.ipromcloud.com/script/Utils.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8419b65a0dfca5ed652610d9ece508a2858b0340aede701cab77c19246b36032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
6684
cf-polished
origSize=105043
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Thu, 16 Mar 2023 08:53:43 GMT
server
cloudflare
etag
W/"6412d917-19a53"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
7ac24415fa6c910a-FRA
Utils.js
cdn.ipromcloud.com/script/ Frame 0525
102 KB
36 KB
Script
General
Full URL
https://cdn.ipromcloud.com/script/Utils.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8419b65a0dfca5ed652610d9ece508a2858b0340aede701cab77c19246b36032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
6684
cf-polished
origSize=105043
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Thu, 16 Mar 2023 08:53:43 GMT
server
cloudflare
etag
W/"6412d917-19a53"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
7ac244160a72910a-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7CD
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8411444268979&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7CD
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8411444268979&version=m202301230201&ct=77&x=6&cor=181057053735362620
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E7CD
17 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrB73LKOVtD-Ap0GTNBcbPbcJaX_0YMdSgRoNLrCkececN-PWh8tDqbCewEBBPnSHy5dXduVlF2rVZwVLYsl70GV4hmzwKC75y-aFwb0jIpHWUaoOhQX7_LtLZh7OM66U1xY-TopZ5uIO8nr2x9sAxbyD2K-f0SzPamwWFcIzNToTl-0g&cry=1&dbm_d=AKAmf-BI-j1-miYSM6dtQTmmfwtpXWHXw9hShZmdnCl-3XLIEWx8rmeQyygpevKb83rf_os9STVdgnEhg8hyj86HkX7rT9a3NTH5jgxmIzPTrpCNpTxXEHdiV4LyYxxQJFyJOVf_0atW7_mf8qeieZuT5yWgNfBczNhWK2HX3zK0M2EinHf0xlzJgXYkwVtGweRtvZUFIg50n8z7nTAbJ4nxxxUBjBBrTPHbsoNPTpDsL_UFYnTOsusMmSrOmSF9LK0IrKI0ki8AuEqe_kkhvrO99gxfkWFV4Ovyx4A3-6hqZDVQxAY_R1Y_vyHwdl14JL2jgznBypvzUEFnJdoB4v5x8WOHWpUIlBL1Cj-qFXVLghJ_wRaofH1N_PhUdKn5px-tZVac-PRn9x5S7s-Hpdcz79s_Gv4g9BWnd-jLkJecowUfnx9czxER472Y5ouInfVKI-FvxVyrOL3yyNUfWVTkBf6tbTtnInS3dSB5DAlEluZjqaB0143TP6rEHQ7Ng-qb84RKKhlmBbyXlYKb52VvWdEy4O_W1RsVeJ-LTk9eKH8jRk2taTsQgDZr_zhvTVJ8bNNBDpU7f-XWTG3O7znJskmhQnqseBIKf2ifDyfZv49AwOL75wRK6lAmCKiNlT5om3_FmsRv1ioimqTGiwQ1OFzzJfkjUk_LM1UHomqlpMbOmHNyXKStD8a3RTyGMfK5SoqETPNCO7VrINl6SsRTVggBPqlWSMA2NPo-YzMgizIiNy_-tOyyF__QkxLK2ynJaN0MuQstA1x3u7RvsfAWJwJjpU0_1pedA5lha0Gog6tUee9U2AB7yrENQInC_SewLuNvDlp3fVcw4i6IYf5NtANoKr_AyyvHyVNQj_1Du3i5hBZnEI1gvOGx1Y7_5FWbE6TokgErNsAjaIR-XlEflK-2UTfoUAKC2L7P3GDWPuJ4vPaSJv2_6KI1XVnkLzQfUjDmfQJHW1kEYC5bwsi4DOjLsSVOfGeYYP_mjJ0bxh_RydYeT_3vif-Z4_5lANrd7Z9BgxcaYHWyytSdeKDwpdQaeMlFpK1xigf9F-rX2Q_BoVP1-M6F7kGmYQHlsu_yFQIfWKON4a52-yBzx6HCqBh148Dx2qHupw_zJdVJ8bO3roMOjEwiBXNRd0_GJ-BNEZJx-mE40YELxIlieK7zjOl44NbYT9CpYSINCvIWRRRvEh7Aww0JmfMS3E-fR2aO7GjRuiaf6ciWqG5-v6DUuqXhaz1R_QliNcCjLuMDoGtrcMwKoImdOTIIWz2gqXGzV2qUrdkX8gcOf5c-oJ9HQDXWVVkvb2XtLGuDVl7U1Py5tA-Re-lnV1xoMHRJsvkdH8_m85Tps-gxSqzb3V-lbMVTDnHPPCQlIqgVHvYhuv_oKU94AoxqLC6nRqS1NGM1o5NpXgLev0J1PhSLD2dydtN01980dEwlVZGQ3RyVgoTZKgy-74BDMF28z7GVEShVjzJ_m5FJoYOKsAuGwoEw3xAnB5VT5UCBoVlPiwIAdeR5h_27b5o5917h3KVkwyu9PZUhfF86ovN_fcVDGQFWyHKS30tdFKsS-HWb6zg_oRJ21avpNXkeD_ZIQRqRGuogVPkxEufqgNOo-j55WTbNjlvdJ47HgcF37HuzAwD7gpeHBKr0ta8WSTMikm5oasR_ranCTnqSyUNmeEr4Rl36zPBbfC9kW7V5Wk-TO44stYPV_613Cc4NmZTJblIsnnamry-gDMH5g55LSVeEyHXmNZMEBHdIRBEk0AUnnr9pwLOzLRRAfAGCtOf4vmDXOJ3gab_HPv5i0K2YCNfthh8km40SYhLNUtPsguoKLLouZZ2zr-qklocSeQUYlx-GwEUKCYLG4c8WnD4RoIYww4R147rkmHfBS_tayLYx3IJYeDAgErcnVUoNl4Mm8VPjZ9hBdAeILorzqY7S7IJifbntp6ImOVHTrUzLvArwHh7j9NyPB7HogBPFGFpQpAPvULuOTg3m88cfN8WBSCSA1LvE9DwxO2fRnyroZeLWHavjoLXmwIQnBKvjJ-ZQy6moZoCPAdoXji7Prsvle7iMqf43RZ6Ra5Yn2L4_BgTgmaIP-7SYj2DzGox6BasQxms-mjBG6-Dfkz2yH5gpLb_fXeJH0WOPLe3dlGjelSh_JbMkRklhWvSpIR5fkIb7vOKET6bYr14maO67WieNQA7SfAahuC-j-f5q7Up8CJVGnCcx7IB6MdhI9wAz3EFMWeSzGWkSHGMdmI9qYlymfoG_rS-PucdyyuiOPqFWzO0DbW6S0cCnJRMYgv4ZhBUtPYN-epms0OA_F5fyDV3PVejjjFfmb6C6TtP_xIcLgRjhOvFw4lRXRTp1WRFNfCKFcmETZTp3piM-Ryy0emlvwOQv8oVu2f30KQHzTcmBBEDJQQHyKGCwerXh2MEMN-Bzd8iPZp_8JfBdKGqgAwWxs-grwBNMdM6pV1mqhLbTKferf0DF98eJ-mm2ie4FGkOOVCFynXEj8Dwj46Aov0BWtZnSDSesdQAR2KOuxNX_WIkwDskRq90zpUeDd7PdMdDmyJ2EtSOgE_dQgAsA5BrIVOtoHWGLx5PbyDWKe5cFVaNFi7f70PWhHd0UdYkvFShfa04TK9NR0p6IRsJVW5Mhac1YjDVYQ-x7PGMQ3Z__kWDFGKurZ7_qF0jCHzPBbG49KGbnqzxoNWu_El2TbmgdUwxN1Gk87enZz52mX-x4KbhsfJx-3EtYHmVCl8VOhkTpqZuknTjLini7zv37RggAU9F6Sf9XIahYc1A22LCew47mjxkKqND9LGqWZGTxS6ju27BHLdAC5WeyOVGaGIHot3CJewwnjVGq_HxYWbPc8end-RFu7o_nteK_JCTdUjsgWMKZ-I6wmcJcXAwhgHo-_umXeNBLb66ojxXfj-CMCmP-N_9dDrCmIhzlvUVztpr9uwyAFwckqRhJUaFReZT6-ufE2nuKJX1vu8WL14J47eJEhdxkcM02llfBBCdLTDnRCu6QvCs2fz7tnELLvoCZxAAUYxcoY8yBkDgsbALllg9vvZKf2a_LaQUJ6hTMgzqb1fS9EdDa3OlW22sW1c6JzCX28_-ViB_IzbMOljxCcMQABNUagtyr5c1sMkqdMCaYrEHMv8V1fKay-hJQEnW41Udc1yW6EJLYKe4TD1o11riVeBsMAv7uMwG9rRCIxlkw_6o6fy1kDomGYOX8VrDEfYLzQuZxzsGlCX3f1IsuGV2wnhPL9hKnu1FMFK3CMLvr7WOLYc-YD3MM3ze09ukaXGM7zjHgpwXC_hV8u99vPjrB5jFei0dx_BaJWbQpBuB1Hds8-oNurZYXuwT9AonJpObE6N1UugQNJfvMcQ&pr=6%3A0.132554&cid=CAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.picuki.com%2F&ds=l&xdt=0&iif=1&cor=181057053735362620&adk=1523019096&idt=87&cac=0&dtd=9
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5245da93535d7d95f1c50c9476cc76c60884bb623b869943c115f576a0548479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
notify
tlx.3lift.com/header/
37 B
220 B
Image
General
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.0723&ts=1679528279&aid=2018735542396918170290&ec=7354_111799_61989835&n=GgDyAsIBCAASFjIwMTg3MzU1NDIzOTY5MTgxNzAyOTAYACABKLo5MLfpBkABSAFQAWAKaABwl8MGkAEAmAEAqAEAuAEFwAGcAcgBwQHwAdcB%2BAHBAYACnAGRAgAAAAAAAPA%2FmQJSuB6F61HIP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4ApA3gAPYBYgDWpADAJgDAKADALgD1KIGyAMA0gMINjE5ODk4MzXgA4LF7T7pAwAAAAAAAAAA8APBAfkDAAAAAAAAAAD4AgyIAwCSAwRBRDIwmAMAoAP9%2FhWoAwA%3D&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.70.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-70-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=SETUPAD_RON_970x250_Prebid&aid=2018735542396918170290&rev=beecd2b&pr=un&bc=0.193&bmid=7354&biid=7056&sid=111799&brid=106903&adid=61989835&crid=131818114&ts=1679528279&bcud=193&ss=12&caid=0&unid=0&domain=www.picuki.com&ref=https%253A%252F%252Fwww.picuki.com%252F&rr=creative&fid=10&rb=0&g=0&tmplid=215&cb=46666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/pe?inv_code=SETUPAD_RON_970x250_Prebid&aid=2018735542396918170290&rev=beecd2b&peid=1&fid=10&tid=0&cb=36087
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 0EA7
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-84.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 01:55:08 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
493396
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
IjUv-NJRJ9840mRoNLDP9lvjcnlRA5z4Rhyq8ZTLRjgVAMbU0g-z8w==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 0EA7
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-84.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 05:21:53 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
238570
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
yFHT4URbV7m_X4OpOyQWlt-JQOukXOUrOBhlVdFd4sTQENyugORmng==
ctar
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ctar?inv_code=SETUPAD_RON_970x250_Prebid&aid=2018735542396918170290&rev=beecd2b&cta_render_method=1&cta_render_text=&cb=18183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/adfscript/ Frame 43D7
971 B
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=61989835;rtbwp=0.193;rtbdata=1wXVmOKGFMeYEdvmklPxhNk0KB_EYkvmaiQnMfGm2TYO3DK8ywBXfXl_SwACTqE9X7RxklPDOtbFTHRNyquuiK11uVSu7IYHAKV4i2Uo6VRhBgroSqz0GgdIYh1LpHnOgzsBhBQPgcrCiuTDideiUSMoB1m109rl9U34vHQLoUPay7XrhSpSrimJ_IU6mQ8yGSZ2ua8m9SuqCaudDXlbWkRIyqqHyGJf8feAJlkdSKsZbsISCitjMV4Lqz-_VnrBNbiahArKc7BxZwrEVgYIC84xMoc8Yp1b4UFuhV40q881
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
59fbfc419ceaccb8d9654a1d5f0dcb6d97716a86b6780de1f6de611eb985b6fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
837
expires
-1
aop
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=SETUPAD_RON_970x250_Prebid&aid=2018735542396918170290&rev=beecd2b&pr=un&bc=0.193&bmid=7354&biid=7056&sid=111799&brid=106903&adid=61989835&crid=131818114&ts=1679528279&bcud=193&ss=12&caid=0&unid=0&domain=www.picuki.com&ref=https%253A%252F%252Fwww.picuki.com%252F&rr=creative&fid=10&rb=0&g=0&tmplid=215&cb=13458
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame D30D
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?max=10&cb=24898
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:02 GMT
ev1
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev1?inv_code=SETUPAD_RON_970x250_Prebid&aid=2018735542396918170290&rev=beecd2b&pr=0.0723&bc=0.193&bmid=7354&biid=7056&sid=111799&brid=106903&adid=61989835&crid=131818114&ts=1679528279&bcud=193&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=94117
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
Classic.js
cdn.ipromcloud.com/script/format/ Frame 8AD5
4 KB
2 KB
Script
General
Full URL
https://cdn.ipromcloud.com/script/format/Classic.js?cb=20230322
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02638d82c5262138597d5a3b13f1020ea6dc9500bd8ef7942626506f537c8f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
4715
cf-polished
origSize=4387
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Tue, 14 Mar 2023 08:16:21 GMT
server
cloudflare
etag
W/"64102d55-1123"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ac244170b01910a-FRA
Classic.js
cdn.ipromcloud.com/script/format/ Frame 0525
4 KB
2 KB
Script
General
Full URL
https://cdn.ipromcloud.com/script/format/Classic.js?cb=20230322
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02638d82c5262138597d5a3b13f1020ea6dc9500bd8ef7942626506f537c8f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cdn
cdn1
age
4715
cf-polished
origSize=4387
referrer-policy
no-referrer
cf-bgj
minify
last-modified
Tue, 14 Mar 2023 08:16:21 GMT
server
cloudflare
etag
W/"64102d55-1123"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ac244170b02910a-FRA
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E7CD
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 10:06:00 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame E7CD
60 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 18:05:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A00D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ad9641b-915b-4d00-8c48-2767684d5af7&gdpr=0&gdpr_consent=
42 B
327 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ad9641b-915b-4d00-8c48-2767684d5af7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 22 Mar 2023 23:38:03 GMT
Expires
Wed, 22 Mar 2023 23:38:02 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 668 4401257 master hkg-pixel-x25 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ad9641b-915b-4d00-8c48-2767684d5af7&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 7427
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3532487262417699871
42 B
274 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3532487262417699871
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3532487262417699871
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame D299
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjZEMDIyOEItMUE4Qi00MDE5LTgyQTUtM0ZFQjY1RTZCMzJC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D299
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL-usC4x38nKL87n8GKK3Ts&google_cver=1
42 B
377 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL-usC4x38nKL87n8GKK3Ts&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL-usC4x38nKL87n8GKK3Ts&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D299
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 21 Mar 2023 23:38:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D299
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7433101869634256471
42 B
298 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7433101869634256471
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7433101869634256471
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame E7CD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv03wFA_r70ZSZuGZwTi1ONX3luGlQGSPrw-jZSbT6CZOtIKJ7XDNBIHQDi_7WdvCUMa8OmKxITj76UIPrxtnST2c7Fav6MSFDGNMTwG822ZyDYJe4tzMNEhu2XDHc64i3JIEy794e439ZRKqaZYRfog7ywrz-9ey0XFKTkzCZEQ31ERV0q0ZTe_5OlNWZ8QI0r2fDqUIp8CcWSjI4DEUEKqCh4nqf9BB0WtTlzM--2jyGfes3LRu2BBVWU99grw4S0Rp8ZivnKDu086VgTfwd2x-WYdsrLWpAYvOdvp8hfIxKkYHgNTYR9PMVa4ORytrDzPK4E30O5kv1ro8PrPcttwFjxcwW3ut1cjb8nmw&sai=AMfl-YSIoKAbZFIzgGOFFScS5pkwx5SHd5qLtIjO6RK9P24rQvCAGL3XGJmFWNFCe1Vz5yP8qMmlFoue_b_ocJmgwtjM0FEkPC0Pyc9agLaSySwce3rUw6W6KOqv2v_655s&sig=Cg0ArKJSzElqKMDFspT3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:38:02 GMT
generate_204
tpc.googlesyndication.com/ Frame CEA3
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9g8c9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
22ab6142dd1639cf0ddb5d981ba7fa06_728.jpg
a.ipromcloud.com/2023/183394/
27 KB
27 KB
Image
General
Full URL
https://a.ipromcloud.com/2023/183394/22ab6142dd1639cf0ddb5d981ba7fa06_728.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bded88aa1af06150dfa6171eb4dc45c2d2b7cdbba047fec7294104680d5910a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1144
cf-polished
origFmt=jpeg, origSize=71190
content-disposition
inline; filename="22ab6142dd1639cf0ddb5d981ba7fa06_728.webp"
content-length
27592
referrer-policy
no-referrer
cf-bgj
imgq:100,h2pri
last-modified
Wed, 22 Mar 2023 07:56:07 GMT
server
cloudflare
etag
"641ab497-11616"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244181b85910a-FRA
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
35f5528c-2e58-4b23-b2f6-7eb95118b2e1
de-core.iprom.net/h/log/ Frame 0525
43 B
286 B
Image
General
Full URL
https://de-core.iprom.net/h/log/35f5528c-2e58-4b23-b2f6-7eb95118b2e1?hts=202303230037&type=i&ppp=0.122000&referer=https%3A%2F%2Fwww.picuki.com%2F
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.45.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.45.63.178.clients.your-server.de
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
x-core-time
28ms
vary
Accept-Encoding
content-type
image/gif
x-server-arch
v2
connection
close
content-length
43
x-adserver-worker
de-leviathan-f72df421680c@version_1.536v2
22ab6142dd1639cf0ddb5d981ba7fa06_728.jpg
a.ipromcloud.com/2023/183394/ Frame 8AD5
0
0

truncated
/ Frame 8AD5
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
22ab6142dd1639cf0ddb5d981ba7fa06_728.jpg
a.ipromcloud.com/2023/183394/
27 KB
27 KB
Image
General
Full URL
https://a.ipromcloud.com/2023/183394/22ab6142dd1639cf0ddb5d981ba7fa06_728.jpg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bded88aa1af06150dfa6171eb4dc45c2d2b7cdbba047fec7294104680d5910a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
cf-cache-status
HIT
x-cdn
cdn1
age
1144
cf-polished
origFmt=jpeg, origSize=71190
content-disposition
inline; filename="22ab6142dd1639cf0ddb5d981ba7fa06_728.webp"
content-length
27592
referrer-policy
no-referrer
cf-bgj
imgq:100,h2pri
last-modified
Wed, 22 Mar 2023 07:56:07 GMT
server
cloudflare
etag
"641ab497-11616"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7ac244181b8e910a-FRA
f3ee3045-de90-420d-8a6d-99e79c8b0ee7
de-core.iprom.net/h/log/ Frame 8AD5
43 B
283 B
Image
General
Full URL
https://de-core.iprom.net/h/log/f3ee3045-de90-420d-8a6d-99e79c8b0ee7?hts=202303230037&type=i&ppp=0.122000&referer=https%3A%2F%2Fwww.picuki.com%2F
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.45.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.45.63.178.clients.your-server.de
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:02 GMT
x-core-time
25ms
vary
Accept-Encoding
content-type
image/gif
x-server-arch
v2
connection
close
content-length
43
x-adserver-worker
de-avatar-5ebf0c3b9159@version_1.536v2
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 43D7
34 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:46:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C276
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
400000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 08:31:22 GMT
expires
Sun, 17 Mar 2024 08:31:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXR...
ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/ Frame C6F8
57 KB
28 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
747c653f1f399c9ecef981d1c8d6788234000d67df69b2e9d4ff406b6bdb0c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
28251
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 23:38:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame BE31
39 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23731
content-encoding
gzip
content-length
14445
content-type
text/html
date
Wed, 22 Mar 2023 23:38:02 GMT
expires
Thu, 23 Mar 2023 06:13:33 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame C5E5
0
49 B
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=748569&adId=3125414&imprId=86E993A7-FF11-4BBE-8599-8EA933E84BBD&cksum=F6BE8FEA59671FC8&adType=10&adServerId=243&kefact=0.092788&kaxefact=0.092788&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1679528279&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.132554&dcId=3&tldId=0&passback=0&svr=BID22353U&adsver=_3167765704&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=V5EbZHEgDwDhbLzPFbCFBEzQnsJkCBmymXQcmbNV6vqVk2a8&ekaxefact=V5EbZHsgDwAt8onmVUoGPCi-f_AtOPGr-jAw7aunExEJWgs2&ekpbmtpfact=V5EbZIUgDwDbpeS3mcp3zhqPxwSH3jR79AGO8ZhW1KRd0bJw&enpp=V5EbZI4gDwAiJQ2ueoe3M2GvXzulSNmeR_AVQdIT7xeo44XI&pfi=1&domId=305040806987421129&dc=AMS&pubBuyId=44663&crID=476066951&lpu=seedtag.com&ucrid=16537441172269550118&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=6135531&wDspId=80&wbId=1&wrId=0&wAdvID=1310834&wDspCampId=19805778375&isRTB=1&rtbId=50D7EDF4-75F8-49A6-AFFE-09A924C87AED&ver=7&dateHr=2023032223&oid=86E993A7-FF11-4BBE-8599-8EA933E84BBD&cntryId=58&domain=picuki.com&sec=1&pAuSt=2&wops=0&sURL=picuki.com&BrID=5
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 22 Mar 2023 23:38:01 GMT
expires
0
pragma
no-cache
truncated
/ Frame E7CD
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a6ff08ac67570999d01bd180810f582793a463866a2c4a39a6ccd39420f3a29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0525
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb6UqIeKIAsJYAoMsOkQ6K9ZC4BM4PfHUW6hireeHaNXn_vH-8_QkHP6ZLk1aLo4-N1egoiOHXcRz7qvysLL0X4Ggg2hyTHmoKK--dToYMiaB247R_i0RHIu8L-GJfxWzvcabX3HKNljey2MkHLPf-9JA2c9hJsE6Xad5UkRueH1oXGv0neeq0W21dMNetVoACAtWyV1eyRwcEgl5kDNHA1pFsMPCOTckVkSHhb7Kuxq3R6t6Ua3f-qam77ZIKq8WoYZYXhtG5pa6PTJ2h-SlgRTksA34bK7EpDMIjn_7P83tRxPzCQV6YxFcZmAWJSPBOU7GGBvtZO78B-dbEi-xQhOp7dVSvbiU&sai=AMfl-YRyYPZIR2KUGGAUuRkxdJCVh4NzdP7PMSSrhibWMhm4rKdqUISF8rvgT1c1JSB84qAw1hvMSnzpgIHHkD20UDhjqDiRtGTgaqyv8v9Yh827_ZW7Z6pnTkvxuf3OXHo&sig=Cg0ArKJSzBBDOuXYkhD3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:38:03 GMT
t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
pagead2.googlesyndication.com/bg/ Frame C276
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 16:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
113375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14115
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 16:08:28 GMT
17081065031764403172
s0.2mdn.net/simgad/ Frame C6F8
59 KB
60 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/17081065031764403172?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qkPogS9k1Qm60hUxaVdgghZSc0Vbw
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52fc9faafd981b2a1b767dce609b55c88f4c5816d8c67be2fe282c3c6139bd23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 18:08:57 GMT
x-content-type-options
nosniff
age
451746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60564
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 09:16:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 18:08:57 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/xfa/ Frame C6F8
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1671892bf155231b5d530edb9e3bf829c3555be03e9f5d895953be65384c46e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 15:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4277
x-xss-protection
0
server
cafe
etag
10285568641833337380
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Apr 2023 15:16:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/elements/html/ Frame C6F8
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 15:16:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
30112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4115
x-xss-protection
0
server
cafe
etag
1914039858798321668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Apr 2023 15:16:11 GMT
sync
eb2.3lift.com/ Frame B9AD
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:03 GMT
sync
eb2.3lift.com/ Frame 8B6E
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1BA3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75676
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Mar 2023 23:38:03 GMT
expires
Thu, 23 Mar 2023 20:39:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E77E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1679528279953
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C42
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75676
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Mar 2023 23:38:03 GMT
expires
Thu, 23 Mar 2023 20:39:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E17D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75676
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Mar 2023 23:38:03 GMT
expires
Thu, 23 Mar 2023 20:39:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A5B5
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1679528279940
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame BB34
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:03 GMT
sync
eb2.3lift.com/ Frame 2287
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:03 GMT
/
onetag-sys.com/usync/ Frame 9CFA
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1679528279952
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync-all.html
adxbid.info/ Frame B73E
7 KB
3 KB
Document
General
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d6c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ac2441a8a629a21-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:03 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD5%2FW1pLBuKtiiu9Juqx27ctaaYVJrbQUbLU9UCJnlTOREdpmdibW5iBGgI8gwE9b%2FJqHI4rH%2B1PxrG0hK8FBPaQzWBKKkGpCW8PQa8WNahEfVgIe89s7kTbbTXD3Gq4zVoW0qjll4B0sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2160
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.picuki.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75676
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Mar 2023 23:38:03 GMT
expires
Thu, 23 Mar 2023 20:39:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C6F8
158 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 23:38:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C6F8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwk72WmgTOHdlXMgx7IvHxmy3Nry13nzKxHfP3NL4nRQyeqHKuoVILuUurnmxQ8YGO72EUKitLS6XSFONISGte5vs_qqDHGdD08ZtdZKd_Xu4_iAcEPnbW69-8OI3gZNJ8Yc8BNgN03UxFE0Tal8qHayAhQAigjDoa&sai=AMfl-YQ7c4Q75ZkbxLPCDuNtHoaCKntojXBm5sJ0G83U3gucK4pTODzYnED6UjPAkrluw6QcYgo6reyW07OQZrwamXtYJeDZEwR9h_c6Kg&sig=Cg0ArKJSzDaD6RUWoXfHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230321.97576&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:38:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C6F8
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 10:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 10:06:00 GMT
/
track.adform.net/adfserve/ Frame 43D7
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=61989835;rtbwp=0.193;rtbdata=1wXVmOKGFMeYEdvmklPxhNk0KB_EYkvmaiQnMfGm2TYO3DK8ywBXfXl_SwACTqE9X7RxklPDOtbFTHRNyquuiK11uVSu7IYHAKV4i2Uo6VRhBgroSqz0GgdIYh1LpHnOgzsBhBQPgcrCiuTDideiUSMoB1m109rl9U34vHQLoUPay7XrhSpSrimJ_IU6mQ8yGSZ2ua8m9SuqCaudDXlbWkRIyqqHyGJf8feAJlkdSKsZbsISCitjMV4Lqz-_VnrBNbiahArKc7BxZwrEVgYIC84xMoc8Yp1b4UFuhV40q881;js=1;adfxid=1x;5418;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.picuki.com%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fce7e8e49834a09ac8eb2ac633fd1e3c5e5b6c2a8897bec9c7f2b25e69622f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2385
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame C6F8
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51baf8f093d9035b6bc41dc01a1893097d607b21fc4b26bb33827d07d151c5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5770
x-xss-protection
0
getuid
eb2.3lift.com/ Frame B73E
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 0EA7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL5vXc2X4620NFU3Dan57nGSn6EmBGAz42OV5-TqD-LTOAi9ER5RcvCsB6KjtbhkosleguVj8WLJQa_hnUTG8vA6OvO2U0WKDfbU_TAWMWflPBvL2ACD-kFVx5vFwyzTUgcQsHLN2DFGHKM9aK6LRV6O11sbTr6OmehTOjTj9yO_8b1bOIuOCg3RyFZZ1x4MFuz6dc0sLXOYHOeN155mdk11IADMT710MR1UxBr15uoNnnwOai3Ret3k2UAAWrnPUVRqzdsctX5SoBcBlR0MHK2jg7o2E5QkLLP6KmqOeo3rVLbiwSon5r3yb79W_FvN3PmT7kQ3ttXtUEczi3s3i4t482IShbNl0&sai=AMfl-YSRuU0TlqLD0o5HSt2mu8Fg2M0KC_-DG7TXjhTix4ZGePOpubUYqzF-aoEafpAax6LguLEZTR0vjhMYe15vx3f03LKiCthlLwSJjyZSwnTNycfbXslDQutEitdIkvg&sig=Cg0ArKJSzKKYQL92cNbfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:38:03 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 60CB
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
400001
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Mar 2023 08:31:22 GMT
expires
Sun, 17 Mar 2024 08:31:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 43D7
91 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0506588d6503367f42582fd66839c5687cee6a53dc6236091848ac63ff8f01af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:41:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C6F8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwk72WmgTOHdlXMgx7IvHxmy3Nry13nzKxHfP3NL4nRQyeqHKuoVILuUurnmxQ8YGO72EUKitLS6XSFONISGte5vs_qqDHGdD08ZtdZKd_Xu4_iAcEPnbW69-8OI3gZNJ8Yc8BNgN03UxFE0Tal8qHayAhQAigjDoa&sai=AMfl-YQ7c4Q75ZkbxLPCDuNtHoaCKntojXBm5sJ0G83U3gucK4pTODzYnED6UjPAkrluw6QcYgo6reyW07OQZrwamXtYJeDZEwR9h_c6Kg&sig=Cg0ArKJSzDaD6RUWoXfHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=203&vt=11&dtpt=201&dett=2&cstd=0&cisv=r20230321.97576&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1339858.279382INVITEMEDIAINC.D/B29353508.359035546;dc_ver=95.280;sz=728x90;u_sd=1;dc_adk=821346888;ord=jj4ohq;click=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjE5MSZzaXRlSWQ9NzQ4NTY5JmFkSWQ9MzEyNTQxNCZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE2NTM3NDQxMTcyMjY5NTUwMTE4JmFkU2VydmVySWQ9MjQzJmltcGlkPTg2RTk5M0E3LUZGMTEtNEJCRS04NTk5LThFQTkzM0U4NEJCRCZwYXNzYmFjaz0w_url%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCpb8tV5EbZOCdOJCG7_UPn9OZ-AiQ9pnQb-ut8r2MEWQQASDLidYjYJXikIKgB8gBCakCTPfOg6A3sj6oAwGqBPYBT9C1TGIdjJWL340eOJ8WWvNKxvN7MlQfjuCJDbdlp1UxtyksgMB-KAmT3cFytiN_8kmfk8v8-tBi2N3uvErp4pb_kHbCT0iHQtZsm21AeY-DjLh98N1jSaMLhcWSiK-ma2Vk57l4wp0jCNxra1vB1K4xtizs-TQT26EKlmEoq-rf8I7bdBPaRAKQQ7BZSij2h7qBk7A_aBAflUn9HiX9P-d8caj04G7TgT51tJJRmHjkTg9tEXSrcp2OKfc0WpM56S1QgxiMbJ3eUO08nMq-ayFS-dDYl-FjCu-8cmLzRxE2wR6ufanGEe9nRUvPqoBv7uSnJ9jTwASU_py3pgTgBAOQBgGgBk2AB4CxgNYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYXzICqgI6AoBA8ggNYmlkZGVyLTc0ODU2OYAKBJgLAcgLAYAMAbAT0MfSEtATANgTENgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSGwDUE5ymZYn0EUllwXloCQ0-ga-11RJMKocZ0RgB%2526sig%253DAOD64_1Ft4lRYCE6mKCP_vMSPFPS3Uc5yw%2526client%253Dca-pub-6362111942204036%2526dbm_c%253DAKAmf-CKlQiN19BWUeW8EbOlNpYGklWSYzjkARNVtOvPA2PxI3HTqzTzXRTs1hf6N5AAH1GT51r8EvCKYVZFNu5L5bvpP0gFeJV3YZ9uj4I8MQCJpYcvWO8ZtkzOLUOCp-m3kpZfYn-iFAYCalDO3qRK8vLYtD40eBit3V_1z9HX9oWFDmPBQ3g%2526cry%253D1%2526dbm_d%253DAKAmf-AxNwbMtSx32GccRlKVSKu1fvr_g1JWUsNmlWnFMBqtoCLbY3Af5OWC4RSHi2h__zgOoS5XziNns0EFwD9nlKbRCzMYZQ4LluLswD3WUfQhVFL99jh4grcORt_m2mHJbB06AOv8ISmEU8Vr9GGFxbhTKAH8Rp6juJwLfh1VhpVJRXAspZ7DjslwYULgTApmu628fWlcyHGJQsNXBkbZHTk0NCnazmvMbhAhE1SnTVsZRr58ojAzQ-8eiCVLB3o3M8YkQwwXVPKoVV9ixV91mLb98OQShUu0SGexxHGy6B7-UY4xx-2-IAaMZmCrkkeR_x8aTSs6s6Yw9r4FQnRGLOOobA8YpTShfxY_x-1OaTNnwa3NQsm0ZGmCmZEWFZWKz_Dl86OSrDSxSgF-kb2si9QZFkMGdAKMFx_yA3jpEIcowuDf42dkl0Hjz7qgwoPZvdc2E1vW4ijaxLjV0ZyzVTSgGFVPgRt-d2WxhNELKbF8dZfgoO3vBW6UvbtqJPz1dDZT6pXxiX6qTiP5C53Ipfj64QnR4Q%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.picuki.com%2F$0;xdt=0;crlt=wBZ-L2WyBT;stc=1;chaa=1;sttr=209;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:38:03 GMT
setuid
user-sync.adxpremium.services/ Frame B73E
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=77060fa2d95948f8d065d6f79855ddeefde83bc8640c537417b5d6c13ed9cf18
86 B
564 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=77060fa2d95948f8d065d6f79855ddeefde83bc8640c537417b5d6c13ed9cf18
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=77060fa2d95948f8d065d6f79855ddeefde83bc8640c537417b5d6c13ed9cf18
Pragma
no-cache
Date
Wed, 22 Mar 2023 23:38:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C6F8
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230321/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Mar 2023 23:38:03 GMT
TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
pagead2.googlesyndication.com/bg/ Frame 60CB
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TU2PSynrXT7p2KnzXte8fEgQWf4_RAVzpVc0SCm-B08.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 15:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
115653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14279
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 15:30:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8AD5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_mR1yg3orh3RHxbJFqRZNOd--hIHXM82eoLz5TerZuFHPSWX0GbevoaylV4awnf3T19P5mfF-BqLXi_IP_sCOIf9KoUC7WvgFMFme83wr8rhS5WKJwmTFCKu2e7dazmMw5uzBsmrHnu3PI5rAV19RqGoZCL-23a6fbne6YMKQf7cpd_2Xw-Fj1VTy0TQ-Xx1T93GznU-AYunZfA2Vgl0rNcbFY6E_spabF5zn63VDKri_BIUSknkP2SBxp-vozpy-uwFZzasplTrhDY2yBKK8yl7OKJ5MD70-uix7VCi2P4FHbiQ6rE9GhaKBhUrSHzGHUmY02c0ATcP-ZZNa5RYv5bl2j6zDQZ0&sai=AMfl-YQilFY4fYrK0c4W2XsjY-HSfy2abmDxPnfqSpG35OKNG9c40sQ58ZIQ2T1LFytHcobeV6DCU3zzAG1pBOTCjNEbL757XgftP7VevkKwgog8IJFIOKZ48sSLZtxIids&sig=Cg0ArKJSzHqxQjsy7iGUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Mar 2023 23:38:03 GMT
/
track.adform.net/csimpr/ Frame 43D7
0
0

en.png
s1.adform.net/banners/scripts/assets/images/OBA/ Frame 43D7
0
0

oba.png
s1.adform.net/banners/scripts/assets/images/OBA/ Frame 43D7
0
0

11114560.js
s1.adform.net/Banners/Elements/Files/2063409/11114560/ Frame 0EA7
8 KB
2 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/11114560.js?ADFassetID=11114560&bv=257
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b0929d808f5debc5c6a30142552d75310252922d0ad88b44076a951728a13aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx000003df19b928a73f454-00641a375b-329530c7-default
etag
W/"e9995c4886ced58e02afabdd861cd79b"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/serving/jslog/ Frame 0EA7
35 B
372 B
Image
General
Full URL
https://track.adform.net/serving/jslog/?src=htmlcb&msg=TypeError%3A%20parent.AdformWin1oq3ld52co0%20is%20not%20a%20function%0A%20%20%20%20at%20%3Canonymous%3E%3A1%3A12%0A%20%20%20%20at%20HTMLDocument.AZ%20(https%3A%2F%2Ftagan.adlightning.com%2Fsetupad%2Fb-e5e97ea-2c27eb81.js%3A1%3A75810)%0A%20%20%20%20at%20d%20(eval%20at%20%3Canonymous%3E%20(https%3A%2F%2Fs1.adform.net%2Fstoat%2F626%2Fs1.adform.net%2Fload%2Fv%2F0.0.226%2Fe%2F.gSBgiDQ%2Fi%2FvCAv.IAAAAAUAA%2Fr%3AAdConstructor%3Acontents%2FHTML%3Atypes%2FStandard%3A189%3A139)%2C%20%3Canonymous%3E%3A2%3A44)
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031601&jk=3343492961150122&bg=!AAOlA1fNAAbO2UOH7tk7ADkAdvg8WhIhBYITzurmE61ftOBFECh5qMSDRfSFlIKEqqJkp058vok16bq3e3-rRJplj2BgIDLz0eACAAAEo1IAAAAEaAEHCgAZzoQgTgz-4Z8q72pJajEWjTqFG93Hr_XZdJkCniNJKQN_WesVfCmLqD4kLDh5SfuDvc5CTc32nBGWJSSMFaGIoHiwXQ1dxKdrE-5cyuUHwcNzvS8u5oTxwvQmr2rOXMpBtGstup_Q-8VuHuPlAzMAyc2IPjiMFVMqRJAg_GKVS-IAwYwwmfX0YTop9hj1Lt9zigO0JnYbnAEdEdJoGPKAfJEiO0OtcsFSE5BPU75IH62JgkNDt1qdo1nrQOlWqz1x-fDVvHpyRyXUxoA3ZBDQDdlAXVscvhYwqtVOJjuWSIXk7ea-x1OUbVijVn-2PrXcEhe7ZJnlV9-fPbdL5lcxNNuBDi1Uvy3SKPlLCY7kofXOwz48_qK1fLXm2QV6TeXQahkvREIF4uaJ1jDplUsiUVDW6F2I7OGhG4Zp0gSQ6-UDwi1oJ9IjWBqZ4HRgFJh4AVaDUztCFUWJqhaAsM6lSYk3Y1c8RjwxJhdNRZvAXAzcXpNfQt6pDHKSvrDjR-8jCHJaQiVj8MdF-Vs8sAZsNmFKmhs_JXlxX0LKPAKezV1m7CUGrbXFzDxJPgmPi_0obSQtShSSiBtgMXHG4M2yIQlf7wKCmdjJhpa-h1dL8vQNa2CniHVC9d0E-6G0URuxFSwlc_6TkCdzEExs1f_aNgTU-8cCJngrA9nw3kQzDHqO_6tfRNmvUAPPXUnJkQnwL5iSfImybiOasSDss-yoEOWfuWWcX2kFijZ1b5oZaJNT5UlQ9D-ELS3aU7Ueb_-yt6vgVdzoI1ynmjah4Ivj8pkWivbNsC_ghrU1_lC5P-HRsCsbzc0hgnGf1eow_PNYVr-SxPje1PeKmnaCoFxSVOC_Nwy9wKi3zSDPweStMv-mehMigRtVkxlDLiuoYXWhu4sVOxFKDky6UqfVo3dXWrebW57I67kW-EM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
pagead2.googlesyndication.com/bg/ Frame CD4C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t4_aWeuLa_BO9IGQ3R3HcB0TaFNoER_W7PQrl5RFgV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 16:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
113375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14115
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 16:08:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C276
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQgMqWpEbZOfDJcmV9u8PmpCn-A0AAAAAOAHgBAI&bg=!yMuly5_NAAbO2UOH7tk7ADkAdvg8WpjZcDrujbd4gnnQ11RbRsrMsArbMoaS4vvqZFWxKu5rZMnF7UnWYM_HAx8Celv_XzNCUhoCAAABcFIAAAADaAEHmQK7zjO5bHkYL0MihfKBqs_NGzpAWSH7pQCmJF0xXi5Cu_otqA7oOUrtBGzy04iuZkeU1pUfDFR_Ex-s70bVmCyLDcSm-VtF-uyFkSyjnFj8whRa34yPd3NzihRutGol8LGjGGdKbcswaKPH49spylfsQDqRWqVd-FAJcDgIKtspREyUQKCKII9v--E-gfV1oSlM-WFOinzT6vcNJRx5GNUlqhb2OuqYQpuIsxE4icULKD9n0qTBWbvDFid1Z_yaTWL5L4QuTVYVnbANy7HZTlSTz8H9PmhQmKcs2QLZ0eVIQ6Zx7MQBnN_I8HTox88I8U001Vty0HoL5VCGkth7CWLZ8czE3UXtTGSR56ufhG7RY3HlabUV12FkDwqNLbcU5rGfwIjphKrhglVAd61SO1ZtcF3Tkxeg5v3G7bTxvMtDiROBRt_cUisezzica3hyyxDLbaV7Ln-E8_UJB_OCxHuM8eHo7SVTMMEH0kqIvJ0-wBwHUZZfUNvhdj0Mq1cF-fkrdtehd1YqsDxWr5JUFFRAYkvlRALu7-p6ZLUuMz2eanHo1zp9JS-vcG755oZE2foMazurvcChgIw-Wq_ELIaE-LdlkJtgIDYothvZNz5tk1KslujvJQQQ3IbG-ePCTMhwTwXj5bd4rhgFNw0DkWklMeRf7VeuT8vlPmTE6t6clBeYtptV-E29rBgePgbkw2qmmddFy1uaV8hHJXwJTsFAaz_h_wPGXnrofzQDNywMUFNiYoZ1T1xStXoclsn1CdTGOkL9MgtaYVgzrg2Zu20NrqbzOY6Mw13RgSB1TlP6XhXig-oGt5rwNJnQQVtWn444nNs3W46n3HhemuXAQ6eSp-qDmZE22cILZuFlxHtUy5AVxtePfu__QU5Zmv-4JJKKpOlcfj7o998dUcbmRc_sxyYPxvBpRUs5jwE-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.min.css
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
8 KB
2 KB
Stylesheet
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/style.min.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b40e2500d11affb66d506fe16c9a41c3f06cdb5c781b44bbd98bcffc39140096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx000003825e757205762af-00641a3759-329530c7-default
etag
W/"8702a4e03d3dc88fe043254f01e58df5"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 0EA7
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.516986105806605
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000a37373505363f9f8-0063766185-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
text_jackpot.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
2 KB
1 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/text_jackpot.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d768bfd4ada17a45992f7ce9bb30f1bcfc2938251620e50c242696f0ea76ccf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx00000056b78c00fdb6eb5-00641a3759-329530c7-default
etag
W/"e4a91eaa704926a7cf16b499a62bf74c"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
date.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
9 KB
3 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/date.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9f018540529cec6702cb58af04fa367b56ce28e7360ba7f44d37dfd9463e94e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx00000ef089f1781eaca9d-00641a3759-32957dc9-default
etag
W/"7dfff58dc5cc1d0577b4f5a73fc34f7d"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
text_mio.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
2 KB
1 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/text_mio.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d8957691e3691ae1bfb96926483c5df7864a904ed4328c41e5b3a2fdbd4d2182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx0000064c79124c0f751aa-00641a3759-32953090-default
etag
W/"6f1fb4949fc22e2ce44aed0e34b700d3"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
cta.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
5 KB
2 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/cta.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f0bf1114e6ee9af76215e224bde2e345a41a16036d400bb229967305f28e86a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx00000dd59e9277e500f74-00641a3759-3295a5be-default
etag
W/"a965a2c542ff1d41918f5fb8baad9bd5"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
logo_sl.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
5 KB
2 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/logo_sl.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d9cb2cb4b7c4dd42526c2ba798d20c7dccf7dcc9def0ae8968fc87d17c39104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx00000883154951c8d094f-00641a3759-329530c7-default
etag
W/"cf843aaba2199560a5235a3243e4e013"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
bild.jpg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
65 KB
66 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/bild.jpg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2e321b9f4c43a8f4191a81cdd1a8e5835f9f405267710d86ea0c5573c42331fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx000007862f07b6daa79ed-00641a3759-3295cdcc-default
etag
"a7beeeb0b1d5cbafa9be3a0b78f51cae"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
66872
intro-text_1.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
5 KB
2 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/intro-text_1.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
518600d08e9f5f8eabc37fbd362f31adc82ea97ab63ff38126df11c2f0ffd85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx000000ae2c4c1b03c313f-00641a3759-329530c7-default
etag
W/"9a461b8e23c7eebe0c57be95e671df34"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
intro-text_2.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
4 KB
2 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/intro-text_2.svg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be01b79a9d29bf45cd7cca11973b54d135434eafebb9a52ec5931e9cdcc17068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx0000005c2dfa762c762d4-00641a3759-3295cdcc-default
etag
W/"8579e8c0efab3a88df838f6834184798"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
logo_ejp.png
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
5 KB
5 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/logo_ejp.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3ddebf70c79ef3a7bd79cdfbab63bdb0b20a6d266d6dedde77e920215db809d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx000004d902a9cb17bbce4-00641a3759-3295cdcc-default
etag
"9a226dce85f98181920d3b8501281afc"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5091
script.js
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
2 KB
1 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/script.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f78884cc9b251503cdeb8b221838cb30c507f997aee521569f8053af318812d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx0000003c8bac54f991179-00641a3759-3295a5be-default
etag
W/"fa75940594719fd26e856282f6d1a779"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
css2
fonts.googleapis.com/ Frame 0EA7
1 KB
816 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;900&display=swap
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c49e6c1e7b0c11085fa47361af94b0a69ab485c41ad01f347e5139c9582ca56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Mar 2023 23:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 23:38:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Mar 2023 23:38:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60CB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bja0EW5EbZNmBBeqs9u8Pn-KdmA8AAAAAOAHgBAI&bg=!e3ileCzNAAbO2UOH7tk7ADkAdvg8WkgTeKsuAIrMR9LO_xhYLWpyoxcJK7-6ErAFJeGObHNbzpYE7PAuaGJ34jBwXX66uOQ8OOECAAAAnFIAAAACaAEHCgAitTIH0imEtGR2RnLhXMd-xi5_3PtqfoHqfJrKWl6mnLSep5kC5N1pcfnxz01uL7TLE_j0clBZkOo8WSB1UiYKAJAAO19M8TROXisKtMMoXvVXmj88ZiNElbEa7elnw6kmEG9uGSMlW5XKTWmqbuDqiuMqxfmK05RzheJLg_S5EWiEw41TYV7hpzKpFzBT4DFxOufg4434oLCalkszpeJ7FM13YJQh2BiWkQ6x1SfeXZT1g0nzVcZJXuC9uaprGcE07O0PWkRhULWGjEDpPwLLvmGcWjpzd7U_TRgQrrqKrtjcdGV8qNg_HZHG0Wx04jxQ5FegdY3e3-LaOAIf8YQBlNI_m1QVQmoQ2JWwYjxRhT9vsUM45IzODnoJJ99JAt77taTF-BTbLMOcgyi9KHwYKU5pzs5dwSnTy2KSOyCcqrKeaY3fbftiH-e651mS8Yv9AweEyGDmtwxmUybce7LBN7GRIbtn0_Z6CBhTFgaSXxwZ_renx_B108RC8htDfPZ53Wn9zvPIgBb1TJD0eXxSgVUYgsApsPuEVB6jPImrHUdvXcu6Q1Mxi8pTXLO9eR-NNZEh8DueBz9VlAYWG4gU7uJNipEeHSl5r_EamNf491RaBCE45WTEv7e1hciU8yjT7cuTQCt8sG8yGQMByn5yxCWHwrdaNDAydW_snI0j0SL0jqtBkPVhGIesq1zCeK8NS9cSAa6U_lo2ogZACaYidAvr1D0eePhkvpRE3PfuWtf0WoOkqEJlOaJ0r9016D4FDxgTTrCM1do56REruJGM7vtt6Qsmy-58TKmZf3FZH5rUNyUo11Fdu7RPUn0xS9TjoDJJuktTCmhjDT04quidIfmdGD78LtEQI-sOikBmnbfbldMTUAjLFOfH0Y78xsUO0ldgsZxhcXhguBDf2qbXyLS3QnbjOC4OCqmWCovOjNivk-VGtHhK11s3eXjtx2FX1uQNiDl9q8yq3WqxfsOc_s_POtZQaGyfEmg5KSnD8Nws1UnNj2_eQkb-ytFuI1thMcyoxZ4nBkgr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
vid.vidoomy.com/ Frame 7936
49 KB
18 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7e9e84cfacbfd1f40751fb754c9ac00f8a49435e1829de0933dd02c1687fcc97

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Wed, 22 Mar 2023 23:38:03 GMT
etag
W/"640615ca-c23d"
last-modified
Mon, 06 Mar 2023 16:33:14 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AcO1qhEy7gP/lpkJAA
x-77-nzt-ray
4c15622430e552b25b911b64c4ffd032
x-77-pop
frankfurtDE
x-accel-expires
@1679935941
x-age
629142
x-cache
HIT
jackpotinfo.xml
wlresults.westlotto.com/ Frame 0EA7
228 B
2 KB
XHR
General
Full URL
https://wlresults.westlotto.com/jackpotinfo.xml
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2003:8:10:2:0:a10:985f:325a , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
WestLotto /
Resource Hash
c432b25f3773ab36cc24ebd416c0473009a72dc4c58d90ca597284683222bd4b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 23:38:03 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Via
AX-CACHE-4.1:0
Age
0
Content-Security-Policy-Report-Only
default-src 'self' wlresults.westlotto.com wlresults.westlotto.de; script-src 'self' wlresults.westlotto.com wlresults.westlotto.de; script-src-elem 'self' wlresults.westlotto.com wlresults.westlotto.de; style-src 'self' wlresults.westlotto.com wlresults.westlotto.de; style-src-elem 'self' wlresults.westlotto.com wlresults.westlotto.de; connect-src 'self' wlresults.westlotto.com wlresults.westlotto.de; font-src 'self' wlresults.westlotto.com wlresults.westlotto.de; img-src 'self' wlresults.westlotto.com wlresults.westlotto.de; child-src 'self' wlresults.westlotto.com wlresults.westlotto.de; frame-src 'self' wlresults.westlotto.com wlresults.westlotto.de; block-all-mixed-content; base-uri 'self'; report-uri https://1934a11189c9ec9d302de0ee10e4c650.report-uri.com/r/t/csp/reportOnly
Cross-Origin-Resource-Policy
same-site
Content-Length
228
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 22 Mar 2023 23:38:01 GMT
Server
WestLotto
ETag
"e4-5f785a6a0d7f3"
Expect-CT
enforce, max-age=3600, report-uri="https://1934a11189c9ec9d302de0ee10e4c650.report-uri.com/r/t/ct/enforce"
Vary
User-Agent
Upgrade
h2,h2c
Content-Type
text/xml
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Permissions-Policy
geolocation=(self "https://wlresults.westlotto.com" "https://wlresults.westlotto.de"), microphone=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 0EA7
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.picuki.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:48 GMT
x-content-type-options
nosniff
age
140415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:48 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 0EA7
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.picuki.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options
nosniff
age
140422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E7CD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuv8AKYZf374gBtOtuOJWsyFlXXDLLtI5PPMafYS8P19bxnFZySdo6ueAxW5H0RHVExybZ7aoIQwJjAyvn1HRe0foKGpnFNAYk4apZMsiEeak0Mm_Mi&sig=Cg0ArKJSzKpzXvH_w4lREAE&id=lidar2&mcvt=1000&p=1090,436,1184,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230320&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=401243216&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679528281116&rpt=1695&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame B73E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBuRW94HJW-.9VPGyXOvOgAA%261156
86 B
692 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBuRW94HJW-.9VPGyXOvOgAA%261156
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 22 Mar 2023 23:38:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBuRW94HJW-.9VPGyXOvOgAA%261156
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
ev
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev?inv_code=SETUPAD_RON_970x250_Prebid&aid=2018735542396918170290&rev=beecd2b&pr=0.0723&bc=0.193&bmid=7354&biid=7056&sid=111799&brid=106903&adid=61989835&crid=131818114&ts=1679528279&bcud=193&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=83187
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 7936
1 KB
738 B
XHR
General
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 22 Mar 2023 23:38:04 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
634618
x-77-nzt
AcO1qhEc9or/+q4JAA
x-accel-expires
@1679930466
last-modified
Thu, 09 Feb 2023 09:51:05 GMT
server
CDN77-Turbo
etag
W/"63e4c209-42e"
x-77-nzt-ray
4c15622418eeadb55c911b6488d3c50d
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
f3ee3045-de90-420d-8a6d-99e79c8b0ee7
de-core.iprom.net/h/log/ Frame 8AD5
43 B
282 B
Image
General
Full URL
https://de-core.iprom.net/h/log/f3ee3045-de90-420d-8a6d-99e79c8b0ee7?hts=202303230037&type=v&referer=https%3A%2F%2Fwww.picuki.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.45.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.45.63.178.clients.your-server.de
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:03 GMT
x-core-time
1ms
vary
Accept-Encoding
content-type
image/gif
x-server-arch
v2
connection
close
content-length
43
x-adserver-worker
de-erebus-884d3d44a30e@version_1.536v2
6.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
1 KB
995 B
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/6.svg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f4e72871890aede7d8a3fbf9e01cf6682baee76ac38012b403b5a1e6f61deddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx0000098de091dcedb6504-00641a3759-32957dc9-default
etag
W/"e8a9dbc5baf86af4e1d04c73d7af007d"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
5.svg
s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/ Frame 0EA7
1 KB
934 B
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2063409/11114560/bvpath_257/5.svg
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c21484302ebf80a08dadc2c12b247de671fc5c3064b1d4f9d042925feb3f7110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 02:37:26 GMT
server
nginx
x-amz-request-id
tx0000096637ade60a3c59e-00641a3759-32957db0-default
etag
W/"1557cca0a3bd2ea858f919334eec9ab1"
x-cache-status
STALE
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 96DC
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75675
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Mar 2023 23:38:04 GMT
expires
Thu, 23 Mar 2023 20:39:19 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame B73E
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 22 Mar 2023 23:38:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
avw.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_1200x300_1&evt=vsbl&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_1200x300_1&v=0&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x250%2C728x90%2C970x90%2C1300x300%2C980x300%2C1200x200%2C1100x200%2C1000x200%2C1000x250%2C970x300%2C980x240%2C980x120%2C970x200%2C970x120%2C728x100%2C728x250&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=1472&pg_durat=4765&pg_paused=0&pg_exp=4765&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-1000&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281098&init_ts=1679528281099&start_ts=1679528281100&reset_ts=1679528282365&vsbl_ts=1679528283664&adsrv_vsbl_ts=1679528282418&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_1200x300&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123958&adsrv_empty=0&adsrv_lnitem_id=6181562819&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/
0
254 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_1200x300_2&evt=vsbl&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_1200x300_2&v=0&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x250%2C728x90%2C970x90%2C1300x300%2C980x300%2C1200x200%2C1100x200%2C1000x200%2C1000x250%2C970x300%2C980x240%2C980x120%2C970x200%2C970x120%2C728x100%2C728x250&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=1471&pg_durat=4766&pg_paused=0&pg_exp=4766&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-1000&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281101&init_ts=1679528281101&start_ts=1679528281101&reset_ts=1679528282365&vsbl_ts=1679528283665&adsrv_vsbl_ts=1679528282419&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_1200x300&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123298&adsrv_empty=0&adsrv_lnitem_id=6181562813&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_1200x300_3&evt=reset&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_1200x300_3&v=0&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x250%2C728x90%2C970x90%2C1300x300%2C980x300%2C1200x200%2C1100x200%2C1000x200%2C1000x250%2C970x300%2C980x240%2C980x120%2C970x200%2C970x120%2C728x100%2C728x250&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4767&pg_paused=0&pg_exp=4767&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281102&init_ts=1679528281102&start_ts=1679528281102&reset_ts=1679528282365&vsbl_ts=&adsrv_vsbl_ts=&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_1200x300&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123991&adsrv_empty=0&adsrv_lnitem_id=6181562813&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_728x90_anchor&evt=vsbl&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_728x90_anchor&v=0&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x90%2C728x90%2C970x50%2C960x90%2C950x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=1567&pg_durat=4817&pg_paused=0&pg_exp=4817&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-706&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281152&init_ts=1679528281153&start_ts=1679528281153&reset_ts=1679528282403&vsbl_ts=1679528283630&adsrv_vsbl_ts=1679528282831&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=_&pg_dims=1600x1891&vp_dims=1600x1200&u_ts=1679528279&dom_l=145&pn=1&adu_pos=800x1135&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.picuki.com%2F&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_728x90_anchor&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123898&adsrv_empty=0&adsrv_lnitem_id=6181562813&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
sync.php
pixel.rubiconproject.com/exchange/ Frame B73E
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame B73E
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=7433101869634256471
86 B
808 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=7433101869634256471
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=7433101869634256471
date
Wed, 22 Mar 2023 23:38:04 GMT
server
nginx
content-length
0
content-type
text/plain
activeview
pagead2.googlesyndication.com/pcs/ Frame C6F8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssanTgtjuI1CmatwxY50BeAbrmqwj8yoiebftFWifXhSCb72HUaqZqxEgnMb5IYIYFkExANLRm1NVg3bHRF9G5VntN_nm7fB2k&sig=Cg0ArKJSzPtAsLBQCOnuEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=821346888&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679528282974&rpt=456&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7CD
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8411444268979&version=m202301230201&ct=77&x=6&cor=181057053735362620
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E7CD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFNEpZvIfrEuZ9VU1ipen3d4ZSaMgiq0eKsJO3_UyFU9O1kUbOjnn9TzWZrONkVT3ZNh5fBCakI9qmUFtNjtHf1pRpwD6mpVw&sig=Cg0ArKJSzDjNg7aM7JXWEAE&id=lidar2&mcvt=1001&p=0,0,94,728&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230320&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=32&adk=1523019096&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679528281116&rpt=2378&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-e5e97ea-2c27eb81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D299
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 22:07:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame D884
1021 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95656653&p=156191&s=748569&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5f2ee9b9c8516ef84752b545a7fe18694eb377373b0d2ca3ccdf96ab0b5c3a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Mar 2023 23:38:05 GMT
content-length
1021
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 088D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 23:38:04 GMT
expires
Wed, 22 Mar 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1089035
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 1961
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6
42 B
420 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 22 Mar 2023 23:38:05 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0001
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Mar 2023 23:38:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
STDQZ9N9XATG327GCABH

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 22 Mar 2023 23:38:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8QXA24HC29JMTFFA87P0
generic
match.adsrvr.org/track/cmf/ Frame D884
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
66D0228B-1A8B-4019-82A5-3FEB65E6B32B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D884
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/66D0228B-1A8B-4019-82A5-3FEB65E6B32B?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame D884
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.qmMFqlE2uWg.yrfyS64ZEuItGQldOY-~A&gdpr=0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.qmMFqlE2uWg.yrfyS64ZEuItGQldOY-~A&gdpr=0
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.qmMFqlE2uWg.yrfyS64ZEuItGQldOY-~A&gdpr=0
date
Wed, 22 Mar 2023 23:38:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
a.vidoomy.com/api/rtbserver/ Frame 7936
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D35e196b0-2494-4f17-8f77-a7fa838cfd3...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=5ad9641b-915b-4d00-8c48-2767684d5af7&expires=30&ssp=vidoomy&bsw_param=35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=0&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=35e196b0-2494-4f17-8f77-a7fa838cfd39
43 B
467 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=35e196b0-2494-4f17-8f77-a7fa838cfd39
Protocol
H2
Server
35.156.59.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-59-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:06 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=35e196b0-2494-4f17-8f77-a7fa838cfd39
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 7936
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx&ox_sc=1
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3d711721-2be9-43c4-9afc-a73bf0719e3b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
0
196 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3d711721-2be9-43c4-9afc-a73bf0719e3b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Protocol
H2
Server
35.156.59.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-59-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Mar 2023 23:38:05 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:05 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3d711721-2be9-43c4-9afc-a73bf0719e3b&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
ph4grrrrj1bmdf690pm308usig3pi240
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7936
0
0
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

PugMaster
image6.pubmatic.com/AdServer/ Frame BE31
813 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88997937&p=156191&s=748569&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=6&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f9f6db1f1476b4c9a4ba57f73b5e74add70475f5ee59760afb51d71215dae828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Mar 2023 23:38:04 GMT
content-length
813
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 0888
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8058816932854632293&gdpr=0&gdpr_consent=
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8058816932854632293&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
8139e0a3-48fb-427e-8952-457bdb78e1b5
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Mar 2023 23:38:06 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8058816932854632293&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.196; 185.213.155.196; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7066
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7213519061078702221&gdpr=0&gdpr_consent=
42 B
297 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7213519061078702221&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 22 Mar 2023 23:38:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7213519061078702221&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame D83F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k9kklAdZVvJ1I-dUGGl_hrnVm8Q&gdpr=0&gdpr_consent=
42 B
300 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k9kklAdZVvJ1I-dUGGl_hrnVm8Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Mar 2023 23:38:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k9kklAdZVvJ1I-dUGGl_hrnVm8Q&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame BE31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=35e196b0-2494-4f17-8f77-a7fa838cfd39
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=35e196b0-2494-4f17-8f77-a7fa838cfd39
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9571dd9a-1e8b-4cd0-9cc6-b891f5ecfbaf&user_group=1&ssp=pubmatic&bsw_param=35e196b0-2494-4f17-8f77-a7fa838cfd39
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=35e196b0-2494-4f17-8f77-a7fa838cfd39&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame BE31
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BE31
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:05 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1BA3
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57182723&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c6b38086f5a0f35a1026b74336e658e3d4765ad225aff5746a586457676eaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2160
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31468072&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c6b38086f5a0f35a1026b74336e658e3d4765ad225aff5746a586457676eaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 0C42
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62956106&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c6b38086f5a0f35a1026b74336e658e3d4765ad225aff5746a586457676eaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame E17D
657 B
868 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36001002&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
047dfcee4fe3e0d89022431cec6f01ff285f81a916ad7b2908d43d430dd55ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Mar 2023 23:38:06 GMT
content-length
657
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 1211
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGcmVrN0lOeU1BQUNFcFVuUW53Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGbMk7INyMAACA5vpVyog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3486518970878298841&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGbMk7INyMAACA5vpVyog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3486518970878298841%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3486518970878298841&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGbMk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
42 B
97 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D36E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACZ907YwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACZ907YwAo
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACZ907YwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACZ907YwAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACZ907YwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACZ907YwAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230096-FRA
x-timer
S1679528287.545969,VS0,VE0
bridge
cm.adgrx.com/ Frame 8E69
43 B
283 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
image2.pubmatic.com/AdServer/ Frame F92E
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zq4jlnmipcur
42 B
309 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zq4jlnmipcur
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=zq4jlnmipcur
lws
42
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9EDD
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 81B0
43 B
281 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Mar 2023 23:38:06 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a1833b09b8c0@version_1.536v2
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 3EB2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
391 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ac2442f7bce9265-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ac2442e4b4c9265-FRA
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
123
Pug
simage2.pubmatic.com/AdServer/ Frame AF26
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1679528286464
  • https://ad.turn.com/r/cs?pid=45&rndcb=3987590456
  • https://sync.1rx.io/usersync/turn/4280806482388564353?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
42 B
254 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
etag
RXab79c32aee9c47c496fe97f81e6dfa39003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 070A
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 20B8
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.40.90.157.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 22 Mar 2023 23:38:06 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame FAE7
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=64b2b33a7ee76471/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UWhXhYYgTnnTUWTb&gdpr=0&gdpr_consent=
42 B
224 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UWhXhYYgTnnTUWTb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UWhXhYYgTnnTUWTb&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 9B77
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
1 B
72 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Tue, 21 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1BA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtAiixqLQBmCpT_rZeazKw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75673
accept-ranges
bytes
content-length
5554
expires
Thu, 23 Mar 2023 20:39:19 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 1BA3
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.171.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-171-194.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.98
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 1BA3
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3571662320
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
0
45 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
via
1.1 google
last-modified
Wed, 22 Mar 2023 23:38:06 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 1BA3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDYzNm1SVTQyVUhTTDYtbWV4WHZHaU1oZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7433101869634256471&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.225.32.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-133.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1BA3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 22 Mar 2023 23:38:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.196; 185.213.155.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ac31a392-d7e6-40ab-aabe-e3bfb06a69dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1BA3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848460918160996737&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848460918160996737&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3848460918160996737&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1BA3
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bfacc1b6-d661-4aa1-90af-2b1db5f51e6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bfacc1b6-d661-4aa1-90af-2b1db5f51e6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bfacc1b6-d661-4aa1-90af-2b1db5f51e6a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 22 Mar 2023 23:38:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2160
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtAiixqLQBmCpT_rZeazKw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75673
accept-ranges
bytes
content-length
5554
expires
Thu, 23 Mar 2023 20:39:19 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 2160
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.171.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-171-194.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.216
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 2160
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=780674882
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
via
1.1 google
last-modified
Wed, 22 Mar 2023 23:38:06 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 2160
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDYzRFNlV2ItQkZTRldqa2NuSUNsdmk1UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7433101869634256471&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.225.32.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-133.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4B41
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJdEwwN0lOeU1BQUNEbktTTXRsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGbMk7INyMAACA5vpVyog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4406522062560856605&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGbMk7INyMAACA5vpVyog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4406522062560856605%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4406522062560856605&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGbMk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
42 B
200 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F2F2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACaHA7dwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACaHA7dwAo
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACaHA7dwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACaHA7dwAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgACaHA7dwAo&gdpr=1&gdpr_consent=&_test=ZBuRXgACaHA7dwAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230096-FRA
x-timer
S1679528287.546044,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 2160
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 22 Mar 2023 23:38:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.196; 185.213.155.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
af879c60-1ccc-4eee-95bf-505615e5610a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2160
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7883686184284961153&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7883686184284961153&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7883686184284961153&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bridge
cm.adgrx.com/ Frame 13D8
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
image2.pubmatic.com/AdServer/ Frame E09A
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ub6bnigyq8tr
42 B
230 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ub6bnigyq8tr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 22 Mar 2023 23:38:07 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ub6bnigyq8tr
lws
125
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2160
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:51a576c4-a3d4-4755-8d19-d6afd0d962c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:51a576c4-a3d4-4755-8d19-d6afd0d962c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:51a576c4-a3d4-4755-8d19-d6afd0d962c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 22 Mar 2023 23:38:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 91B4
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 52C7
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Mar 2023 23:38:06 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-d034f025bd30@version_1.536v2
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame A54C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ac2442f7bcd9265-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ac2442e5b539265-FRA
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
123
Pug
simage2.pubmatic.com/AdServer/ Frame 88D2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1679528286464
  • https://ad.turn.com/r/cs?pid=45&rndcb=5966958852
  • https://sync.1rx.io/usersync/turn/3776403324123068801?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
42 B
97 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
etag
RXab79c32aee9c47c496fe97f81e6dfa39003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 97F7
43 B
203 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 8725
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.40.90.157.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 22 Mar 2023 23:38:06 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame 4B95
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e29facfae52339b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnXRMgjMgnVXYYRh&gdpr=0&gdpr_consent=
42 B
202 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnXRMgjMgnVXYYRh&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnXRMgjMgnVXYYRh&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame DB80
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Tue, 21 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZtAiixqLQBmCpT_rZeazKw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75673
accept-ranges
bytes
content-length
5554
expires
Thu, 23 Mar 2023 20:39:19 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 0C42
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.171.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-171-194.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.64
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 0C42
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1191737688
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
0
45 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
via
1.1 google
last-modified
Wed, 22 Mar 2023 23:38:06 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 0C42
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDYzRFNlV2ItQkZTRldqa2NuSUNsdmk1UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7433101869634256471&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.225.32.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-133.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 0BC9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHYk1rN0lOeU1BQUNBNXZwVnlvZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGbMk7INyMAACA5vpVyog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1371215017451227794&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGbMk7INyMAACA5vpVyog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1371215017451227794%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1371215017451227794&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGbMk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
42 B
97 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 22 Mar 2023 23:38:07 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGbMk7INyMAACA5vpVyog&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C980
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgAABLY8ZAAo&gdpr=1&gdpr_consent=&_test=ZBuRXgAABLY8ZAAo
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgAABLY8ZAAo&gdpr=1&gdpr_consent=&_test=ZBuRXgAABLY8ZAAo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZBuRXgAABLY8ZAAo&gdpr=1&gdpr_consent=&_test=ZBuRXgAABLY8ZAAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230096-FRA
x-timer
S1679528287.604040,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 0C42
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 22 Mar 2023 23:38:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.196; 185.213.155.196; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6ea25b57-402a-4454-9f8d-fcf0b286c91a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8058816932854632293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0C42
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7955743778322889089&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7955743778322889089&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7955743778322889089&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bridge
cm.adgrx.com/ Frame 7582
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
image2.pubmatic.com/AdServer/ Frame 9523
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1v2nc2igvm8p
42 B
229 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1v2nc2igvm8p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 22 Mar 2023 23:38:07 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1v2nc2igvm8p
lws
90
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0C42
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:18d8b625-7f26-48b1-ac95-10e4b3ab4da3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:18d8b625-7f26-48b1-ac95-10e4b3ab4da3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:18d8b625-7f26-48b1-ac95-10e4b3ab4da3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 22 Mar 2023 23:38:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 3968
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 22 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 3FCE
43 B
281 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Mar 2023 23:38:06 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-b92d053f2949@version_1.536v2
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 6F21
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
393 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ac2442fdbe79265-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7ac2442eab789265-FRA
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1120
RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
sync.targeting.unrulymedia.com/csync/ Frame D1C8
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=6595790995
  • https://sync.1rx.io/usersync/turn/7667513402171177345?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
43 B
377 B
Document
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
date
Wed, 22 Mar 2023 23:38:06 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
pragma
no-cache
cm
ipac.ctnsnet.com/int/ Frame 01AF
43 B
204 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 0379
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.40.90.157.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 22 Mar 2023 23:38:06 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame 5D0A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb30d920a55b2a42/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhYaQRXagVVhXgWX&gdpr=0&gdpr_consent=
42 B
325 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhYaQRXagVVhXgWX&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhYaQRXagVVhXgWX&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 057B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 22 Mar 2023 23:38:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 22 Mar 2023 23:38:06 GMT
expires
Tue, 21 Mar 2023 23:38:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B4767E0EA376416894B194D4BA72A92B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame E17D
95 B
382 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ac2442eef2d3620-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame E17D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:17 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Mar 2023 23:38:17 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame E17D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&addseg=19,36,42
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Redirect headers

date
Wed, 22 Mar 2023 23:38:06 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame E17D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Mar 2023 23:38:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
setuid
user-sync.adxpremium.services/ Frame E8A7
86 B
952 B
Document
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Wed, 22 Mar 2023 23:38:07 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D884
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
user-sync.adxpremium.services/ Frame 7936
86 B
1 KB
Document
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Wed, 22 Mar 2023 23:38:07 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame BE31
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 22:05:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 1BA3
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 2160
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 0C42
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
avw.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_728x90_anchor&evt=exp_chg&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_728x90_anchor&v=1&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x90%2C728x90%2C970x50%2C960x90%2C950x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6066&pg_durat=9295&pg_paused=0&pg_exp=9295&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-706&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281152&init_ts=1679528281153&start_ts=1679528281153&reset_ts=1679528282403&vsbl_ts=1679528283630&adsrv_vsbl_ts=1679528282831&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=_&pg_dims=1600x1891&vp_dims=1600x1200&u_ts=1679528279&dom_l=145&pn=1&adu_pos=800x1135&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.picuki.com%2F&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_728x90_anchor&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123898&adsrv_empty=0&adsrv_lnitem_id=6181562813&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:08 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/
0
16 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_1200x300_1&evt=exp_chg&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_1200x300_1&v=1&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x250%2C728x90%2C970x90%2C1300x300%2C980x300%2C1200x200%2C1100x200%2C1000x200%2C1000x250%2C970x300%2C980x240%2C980x120%2C970x200%2C970x120%2C728x100%2C728x250&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6058&pg_durat=9329&pg_paused=0&pg_exp=9329&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-1000&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281098&init_ts=1679528281099&start_ts=1679528281100&reset_ts=1679528282365&vsbl_ts=1679528283664&adsrv_vsbl_ts=1679528282418&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_1200x300&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123958&adsrv_empty=0&adsrv_lnitem_id=6181562819&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:08 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/
0
16 B
XHR
General
Full URL
https://c.4dex.io/avw.gif?adu_code=picuki.com_1200x300_2&evt=exp_chg&pv_id=29f6d4a2-d1c4-4adf-9ef1-7a35047c6ec4&adu_el_id=picuki.com_1200x300_2&v=1&tz_off=0&js_late=1&js_ts=1679528280578&size=728x90&pbjs_sizes=970x250%2C728x90%2C970x90%2C1300x300%2C980x300%2C1200x200%2C1100x200%2C1000x200%2C1000x250%2C970x300%2C980x240%2C980x120%2C970x200%2C970x120%2C728x100%2C728x250&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6058&pg_durat=9329&pg_paused=0&pg_exp=9329&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-1000&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1679528278537&trgr_ts=1679528281101&init_ts=1679528281101&start_ts=1679528281101&reset_ts=1679528282365&vsbl_ts=1679528283665&adsrv_vsbl_ts=1679528282419&auct_id=18676bca-660e-4df1-bb2d-9495a706e44f&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=article&cat=arts%26entertainment&env=desktop&org_id=1053&pgtyp=article&plcmt=picuki.com_1200x300&site=picuki-com&subcat=&adsrv=dfp&adsrv_advrt_id=5245030555&adsrv_cmpgn_id=3124255601&adsrv_crea_id=138417123298&adsrv_empty=0&adsrv_lnitem_id=6181562813&adsrv_size=1x1&adgjsv=1.16.2
Requested by
Host: www.picuki.com
URL: https://www.picuki.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.picuki.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:38:08 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
a.ipromcloud.com
URL
https://a.ipromcloud.com/2023/183394/22ab6142dd1639cf0ddb5d981ba7fa06_728.jpg
Domain
track.adform.net
URL
https://track.adform.net/csimpr/?bn=61989835&csi=-ZIuc9T0IW02QPhALq6gAIKm3JykOSq8WaEZ8GpAaFgJDwKV3Zer3KqU-7JKvkl-SD_5CpvCjguffIFD2bT7DmQBbo50IEXs0
Domain
s1.adform.net
URL
https://s1.adform.net/banners/scripts/assets/images/OBA/en.png
Domain
s1.adform.net
URL
https://s1.adform.net/banners/scripts/assets/images/OBA/oba.png

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 boolean| credentialless function| gtag object| dataLayer function| inView object| googletag function| $ function| jQuery function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| InfiniteScroll function| FuckAdBlock object| fuckAdBlock string| AJAX_URL boolean| PROCESSING string| folder function| adBlockDetected function| getRecentPosts function| getSimilarProfiles function| getComments function| loadMorePosts function| IsImageOk function| setResponsiveSearchPlaceholder function| showIconsAfterLoad function| createMedia function| time_ago function| downloadPhoto object| nude boolean| isAdBlockActive string| next string| query number| more function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| getEmail function| passbackCallback object| firebase function| __extends function| __assign function| __rest function| __decorate function| __metadata function| __param function| __awaiter function| __generator object| messaging function| getToken function| sendTokenToServer function| isTokenSentToServer function| setTokenSentToServer function| findCMP function| _defineProperty object| stpdSource function| stpdChunk object| stpd object| _pbjsGlobals function| stpdPassback object| ADAGIO string| clientContinent object| __stpdTags object| addthis_share object| addthis_config object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| __@@##MUH object| ggeac object| google_js_reporting_queue object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing object| aax function| stpdLog object| Criteo object| gaplugins object| gaData object| c4b2Yc2 function| c4b2Yc3 object| xop object| ft15u20blds object| ooyajaloqgw object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| KT3WfB2 function| KT3WfB3 function| xblocker object| c2MruJ function| c2Mruu object| xblacklist object| sas object| apntag object| _ADAGIO object| GoogleGcLKhOms boolean| DFPMessageEnabled object| ONFOCUS object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| googDdmPs number| _tlTagsPending object| ipromNS object| Adform boolean| __adform_onload object| google_image_requests

101 Cookies

Domain/Path Name / Value
www.picuki.com/ Name: stpdOrigin
Value: {"origin":"direct"}
www.picuki.com/ Name: __atuvc
Value: 1%7C12
www.picuki.com/ Name: __atuvs
Value: 641b91579079ecdb000
.addthis.com/ Name: uvc
Value: 1%7C12
.picuki.com/ Name: _ga_D9ZR5E8BN1
Value: GS1.1.1679528279.1.0.1679528279.0.0.0
.picuki.com/ Name: __cf_bm
Value: daG2y4ZdLoC.1v08hDJODDkYvdKUDSGhNvxJOKgtnio-1679528279-0-AfHzu6Q4Tq1WGKieJzoFNlmOaA1l9+bDwjP4HSg9xv9N61doJ3gdCpY3RMos6w8D7ksCkNFQNAiquiNKDTpzwrc2ZRGVDK0uqIXslRJ8VWWQupdOc/M3p1gh4TnlDOfW3w==
www.picuki.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.prebid.a-mo.net/ Name: __amc
Value: 1_1679528279_1679528279
.picuki.com/ Name: _ga
Value: GA1.2.872619755.1679528280
.picuki.com/ Name: _gid
Value: GA1.2.2124736237.1679528280
.picuki.com/ Name: _gat_gtag_UA_153071106_1
Value: 1
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlkyMjg0MTkwMzAwNTAwMDBDSA==
.picuki.com/ Name: cto_bidid
Value: uRbfkl9mQ3lPVThyOUR5cmF4amJFNCUyRjNVbmx0RlBlJTJCd2F6VTNIQ1dYSXpwaElsb3oxQzZkdDdmMkRRZXJSeXp4aUY4UkltOTg3WEoxM0I4NDA4WDI3RHZodFElM0QlM0Q
.picuki.com/ Name: __gads
Value: ID=b9cbfcf34bcb2d5a:T=1679528280:S=ALNI_MboHyQaDHz5VaMDOy3MZcyiZrhWtw
.picuki.com/ Name: __gpi
Value: UID=00000bcaf32acdb7:T=1679528280:RT=1679528280:S=ALNI_Ma3SpW67phvWYufIX0UI3UDIjw2AQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkfG9OLn0UfY321N6szVv71lOwc9rOzMn72xMsaSEzgDnmij9nyvwCHb275Prk
.criteo.com/ Name: uid
Value: aa95b291-8a76-48e7-88a1-3b552302af14
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 66D0228B-1A8B-4019-82A5-3FEB65E6B32B
.picuki.com/ Name: cto_bundle
Value: Z9MyX19pWENpakZrdWxJQXhBNXZkNmExemh1RGZ1JTJCc1lDZHZhcyUyQnBxOThTOUlJU2JoNUNxWFFPM3dlTG1vdmYxYzZPczJLdGhXTURjYllkRHZmUlElMkJxcVZkY09aMVUxM2pLd2FBUkVFZHVObHVVRlk4aWY1dzZyZU9nVVJWeE9qOVlGOWVuZVNsZzJIb1IlMkI3bGNCems2WFFVZyUzRCUzRA
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: B4767E0EA376416894B194D4BA72A92B
.de17a.com/ Name: guid
Value: 1.3532487262417699871
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3532487262417699871
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEL-usC4x38nKL87n8GKK3Ts&KRTB&22987-CAESEL-usC4x38nKL87n8GKK3Ts&KRTB&23025-CAESEL-usC4x38nKL87n8GKK3Ts&KRTB&23386-CAESEL-usC4x38nKL87n8GKK3Ts
.adform.net/ Name: uid
Value: 7433101869634256471
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7433101869634256471&KRTB&23263-7433101869634256471
.adform.net/ Name: TPC
Value: 1679528283319
.mathtag.com/ Name: uuid
Value: 5ad9641b-915b-4d00-8c48-2767684d5af7
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:5ad9641b-915b-4d00-8c48-2767684d5af7&KRTB&16736-uid:5ad9641b-915b-4d00-8c48-2767684d5af7&KRTB&23019-uid:5ad9641b-915b-4d00-8c48-2767684d5af7&KRTB&23114-uid:5ad9641b-915b-4d00-8c48-2767684d5af7
.as.ck-ie.com/ Name: CID
Value: 9cfe92d835a7da339c0d05c1134d3c92d5873c24
.casalemedia.com/ Name: CMID
Value: ZBuRW94HJW-.9VPGyXOvOgAA
.casalemedia.com/ Name: CMPS
Value: 1156
.casalemedia.com/ Name: CMPRO
Value: 1156
.quantserve.com/ Name: d
Value: EKEBCwHJKPijAA
.quantserve.com/ Name: mc
Value: 641b915d-9401a-e5df3-a1b42
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6&KRTB&19420-MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6&KRTB&22979-MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6&KRTB&23462-MDR-DT8xegsrOXtfN2FiCjNkKVwrYX4NMjJ8Cco6
.yahoo.com/ Name: A3
Value: d=AQABBF2RG2QCENlIs5Yxk0befQlGAtkjSIIFEgEBAQHiHGQlZAAAAAAA_eMAAA&S=AQAAAiVzbYq5p8D_YH4Vm0DUU68
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2anz
.openx.net/ Name: i
Value: d703a7b7-3bf1-4fda-aba6-afc6150d6f4b|1679528285
.amazon-adsystem.com/ Name: ad-id
Value: A741xsqQmEB0h_GTKJC0hvA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: 35e196b0-2494-4f17-8f77-a7fa838cfd39
.bidswitch.net/ Name: c
Value: 1679528285
.bidswitch.net/ Name: tuuid_lu
Value: 1679528285
.adfarm1.adition.com/ Name: UserID1
Value: 7213519061078702221
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7213519061078702221&KRTB&23369-7213519061078702221
.adnxs.com/ Name: uuid2
Value: 8058816932854632293
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjM1ZTE5NmIwLTI0OTQtNGYxNy04Zjc3LWE3ZmE4MzhjZmQzOSIsImV4cGlyZXMiOjE2ODIxMjAyODZ9fX0=
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8058816932854632293&KRTB&23339-8058816932854632293
.pubmatic.com/ Name: SyncRTB3
Value: 1684627200%3A69%7C1680307200%3A63%7C1680739200%3A35%7C1682035200%3A203%7C1680048000%3A15_2_223%7C1680652800%3A166_204_165_254_88_56_161_55_22_251_243_8_54_7_234_81_220_3_238_176_99_214_21_71_233_13
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: DPSync3
Value: 1680652800%3A245_241_235_227_226_221_219_201
.ctnsnet.com/ Name: cid_6f84a88eb38c4a0292529d6e4335e89a
Value: 1
.ctnsnet.com/ Name: cid_0a2b004d163246068f50d174d7636d9b
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: XsfS7Tegk@pe26
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1679549886500
pool.admedo.com/ Name: tuuid
Value: 9571dd9a-1e8b-4cd0-9cc6-b891f5ecfbaf
pool.admedo.com/ Name: c
Value: 1679528286
pool.admedo.com/ Name: tuuid_lu
Value: 1679528286
.adsby.bidtheatre.com/ Name: __kuid
Value: 18d8b625-7f26-48b1-ac95-10e4b3ab4da3.448742286
ads.playground.xyz/ Name: connect.sid
Value: s%3AO9B4Q1YGmWBUspvhHbmKHrYZaNUHnQAB.mKGxW9hQrPjK67FTTYCemTayx%2F4EZ8JWUakMkJ3rxjw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-93d92494-0759-56f2-7523-e75418697f86.7SdMj3cPYLan%2FdBfutKwBHEkf77DXt4KOLp0bICGQ4Y
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ak9kklAdZVvJ1I-dUGGl_hrnVm8Q.bvRAvxgSkPzsOTChcsoJqeEWFeCg3kGVEUXJEWvnVhk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ak9kklAdZVvJ1I-dUGGl_hrnVm8Q.bvRAvxgSkPzsOTChcsoJqeEWFeCg3kGVEUXJEWvnVhk
.ctnsnet.com/ Name: cid_982f0b746c43425f901333ad81397b73
Value: 1
.turn.com/ Name: uid
Value: 7667513402171177345
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-k9kklAdZVvJ1I-dUGGl_hrnVm8Q&KRTB&23334-k9kklAdZVvJ1I-dUGGl_hrnVm8Q&KRTB&23417-k9kklAdZVvJ1I-dUGGl_hrnVm8Q&KRTB&23426-k9kklAdZVvJ1I-dUGGl_hrnVm8Q
.csync.loopme.me/ Name: viewer_token
Value: bd5f549a-25d9-43ff-8ad0-d0f11b928b65
.zeotap.com/ Name: zc
Value: 87b8d72a-6675-425c-433d-870a02a1f7bf
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3848460918160996737&KRTB&23150-3848460918160996737
.fiftyt.com/ Name: fifid
Value: 2b17767d-8372-473a-4d5d-888d300fdff7
.fiftyt.com/ Name: cs
Value: MTY3OTUyODI4NnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fEGH1MSQXML84ZpZRgIJ_W5F2_NOOIBTZJLWn77WhAxy
.bidr.io/ Name: bitoIsSecure
Value: ok
.onaudience.com/ Name: done_redirects104
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZBuRXgAABLY8ZAAo
.bidr.io/ Name: bito
Value: AAGbMk7INyMAACA5vpVyog
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003&KRTB&17107-RX-ab79c32a-ee9c-47c4-96fe-97f81e6dfa39-003
.fiftyt.com/ Name: fppm
Value: 20230322233806
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-0E2y59DCSnXRMgjMgnVXYYRh
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-35e196b0-2494-4f17-8f77-a7fa838cfd39
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAGbMk7INyMAACA5vpVyog
.smartadserver.com/ Name: pid
Value: 4406522062560856605
.onaudience.com/ Name: cookie
Value: ebbf0a1f0d4f9073
.onaudience.com/ Name: done_redirects147
Value: 1
.semasio.net/ Name: SEUNCY
Value: 47A720F1E2DBA288
.tribalfusion.com/ Name: ANON_ID
Value: annseFoZdUQdR2Hp9vcgjkJIGyIsDtWgi5kSbAx8DGujGZaL0tZbcGVVqpZb5tlZcYstnwNuSQd0Zd5BNKQAs0IBYH
.audrte.com/ Name: arcki2
Value: l63DSeWb-BFSFWjkcnIClvi5Q!20220908!1679528286829!ip#185.213.155.196
.audrte.com/ Name: arcki2_pubmatic
Value: 66D0228B-1A8B-4019-82A5-3FEB65E6B32B!20220908!1679528286832
.gammaplatform.com/ Name: _aGeoIp
Value: TW|Nantou
.audrte.com/ Name: arcki2_ddp2
Value: l63DSeWb-BFSFWjkcnIClvi5Q!20220908!1679528287021
.pubmatic.com/ Name: PugT
Value: 1679528287
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: cae52b65ade7ea87
.gammaplatform.com/ Name: _aUID
Value: 1v2nc2igvm8p
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1v2nc2igvm8p&KRTB&23446-1v2nc2igvm8p&KRTB&23465-1v2nc2igvm8p
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGbMk7INyMAACA5vpVyog
.audrte.com/ Name: arcki2_adform
Value: 7433101869634256471!20220908!1679528287231
.pubmatic.com/ Name: SPugT
Value: 1679528287
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNzQzMzEwMTg2OTYzNDI1NjQ3MSIsImV4cGlyZXMiOiIyMDIzLTA0LTA2VDAxOjM4OjA0LjMzMzYxNjg1NiswMjowMCJ9LCJpeCI6eyJ1aWQiOiJaQnVSVzk0SEpXLS45VlBHeVhPdk9nQUFcdTAwMjYxMTU2IiwiZXhwaXJlcyI6IjIwMjMtMDQtMDZUMDE6Mzg6MDQuMDE1NjkzNDQrMDI6MDAifSwicHVibWF0aWMiOnsidWlkIjoiNjZEMDIyOEItMUE4Qi00MDE5LTgyQTUtM0ZFQjY1RTZCMzJCIiwiZXhwaXJlcyI6IjIwMjMtMDQtMDZUMDE6Mzg6MDcuMDk1NTQwNDM1KzAyOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiI3NzA2MGZhMmQ5NTk0OGY4ZDA2NWQ2Zjc5ODU1ZGRlZWZkZTgzYmM4NjQwYzUzNzQxN2I1ZDZjMTNlZDljZjE4IiwiZXhwaXJlcyI6IjIwMjMtMDQtMDZUMDE6Mzg6MDMuNzY5Nzg5NjAxKzAyOjAwIn0sInZpZG9vbXkiOnsidWlkIjoiYTZmMzdmMDEyMzAxMzA5OWE1OTViZTIyMTdmYzQzNWEiLCJleHBpcmVzIjoiMjAyMy0wNC0wNlQwMTozODowNy43NjUzODE5ODgrMDI6MDAifX0sImJkYXkiOiIyMDIzLTAzLTIzVDAwOjM4OjAzLjc2OTc4OTEyOCswMTowMCJ9

9 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=66D0228B-1A8B-4019-82A5-3FEB65E6B32B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

254b5bdb058f039551152afc776be7c6.safeframe.googlesyndication.com
a.audrte.com
a.ipromcloud.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adxbid.info
ajax.googleapis.com
ap.lijit.com
as.ck-ie.com
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.4dex.io
c1.adform.net
cdn.ipromcloud.com
cdn.jsdelivr.net
cdn1.picuki.com
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
de-core.iprom.net
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
node.setupad.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum.casalemedia.com
st.pubmatic.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.1rx.io
tagan.adlightning.com
tlx.3lift.com
tpc.googlesyndication.com
track.adform.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
user-sync.adxpremium.services
v1.addthisedge.com
vid.vidoomy.com
visitor.fiftyt.com
vpaid.vidoomy.com
wlresults.westlotto.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.picuki.com
x.bidswitch.net
z.moatads.com
a.ipromcloud.com
s1.adform.net
s7.addthis.com
track.adform.net
103.229.206.241
104.26.8.178
104.75.88.126
13.248.245.213
13.32.99.84
135.125.163.79
141.94.171.216
141.95.171.139
142.250.184.226
142.250.184.230
147.75.85.234
15.197.193.217
151.101.130.49
157.90.40.26
159.89.25.223
162.19.138.118
164.92.213.94
172.217.16.194
172.67.68.160
178.250.0.157
178.250.1.9
178.63.45.45
18.194.70.95
18.215.132.94
18.66.147.50
185.106.140.18
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.87
185.64.190.89
185.80.39.216
185.86.138.154
185.86.139.59
185.89.210.20
185.89.210.82
195.5.165.20
198.148.27.140
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2003:8:10:2:0:a10:985f:325a
213.155.156.184
213.19.147.42
213.19.147.44
216.52.2.6
23.45.237.121
23.54.114.218
2606:4700:10::ac43:15be
2606:4700:10::ac43:db6
2606:4700:20::ac43:4bf1
2606:4700:3032::ac43:d6c7
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:1e31
2606:4700::6812:372
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a02:2638:3::3
2a02:2638::1c
2a02:2638::24
2a02:6ea0:c700::19
2a02:fa8:8806:12::1400
2a05:d018:d29:3602:c4cb:4322:c3f3:dc8d
3.68.12.190
3.75.62.37
34.102.253.54
34.111.129.221
34.111.131.239
34.225.32.133
35.156.59.19
35.186.193.173
35.186.253.211
35.201.96.126
35.204.158.49
35.210.53.219
35.214.223.115
35.241.34.106
37.157.3.30
37.157.6.236
37.157.6.254
51.222.80.231
51.89.9.252
52.220.229.2
52.29.153.89
52.48.182.47
54.170.171.194
54.239.33.159
69.173.144.138
72.251.245.179
77.243.60.138
8.2.110.113
85.114.159.118
88.221.169.143
98.98.134.243
00f66562b9f9a2524e49fb9adb968abd4ccb048289e9cfc488c35dbeef22fe89
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
018b0b4214fd5ab82a6742f40a1bb8645463e66c0f0a23a65d5a453596bedea1
02638d82c5262138597d5a3b13f1020ea6dc9500bd8ef7942626506f537c8f0e
03126aaeb6bd0fe3d003c920a8cf54693f878a74aa965727ee79eecb89002734
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
047dfcee4fe3e0d89022431cec6f01ff285f81a916ad7b2908d43d430dd55ee5
0506588d6503367f42582fd66839c5687cee6a53dc6236091848ac63ff8f01af
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
060a9d52fbe3f47cfe149e43092a02529b993610f5cc55a2c216254f748436c9
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
074cd897ac4a2874f091dd1ef85b1259fc8808734d54055d0f0c640058cfe5dc
074e1f0a26378aa8047fe458504058d9e1c3c4775cb57790822abb70af2a18dc
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0b3151e785d02ba7d67b3c8227c283a9e8b2ded26152a1d4fda1d1dc68fd26a8
0bd42c5a4eb3f83ecaa7be69ee5b8a01dc012cbd76730d534ef3fd68964366f2
0bded88aa1af06150dfa6171eb4dc45c2d2b7cdbba047fec7294104680d5910a
0c49e6c1e7b0c11085fa47361af94b0a69ab485c41ad01f347e5139c9582ca56
10b43c2c0ec666e5e81b56e2ac9e26a39b81717530a813f7b25e2a23e6617d10
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ebea04f22fb16479e8c51405f234f8e0d07798bb1546f4863f6f2ccb0c5bae
145331f47b3ac2bd1d696b0101e78540c5951893216877e95829b7101b233270
1671892bf155231b5d530edb9e3bf829c3555be03e9f5d895953be65384c46e0
17a464b5cee04dba08155df897f8624db9dc10f13dd4a27786eb39adb94de1b5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abe645d090e572ea4dd49481f262a4e1d86b4f5f8bfae7d606d09d295558fea
1bf7576d155b49c73dcb858285969152fbab808c1643bbed3ec596310b550c91
1d489a1bf99c154a5e43e0756801e05a974e65f192e3a8e70c975a26f5a8e223
1e3a87b806475df8d87e26b15a0730a0e9e280e532b7b289420370b5cf6370d9
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20cd76e97106f087e3bcc0ab9f0c3502baa4a9255b387bbe5ef927c45a27517d
20fa5cec446521721147c056fe9d60348994dfc7d5f5606469f7555d75be80c9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c2cd2a4097f44833817993ded2514b688066ac86d87a1e59a6b6f5369c15cfb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e321b9f4c43a8f4191a81cdd1a8e5835f9f405267710d86ea0c5573c42331fa
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3621482d3a2dbb039f5f61cfe06ba73f0ae2aacefc3f05813257fa5ce2069962
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bc629988777edb7a12d7e02d8132b5080295198f56be19d593597d6410513d
377cda39bb732164e6e11ff91a824fc1e536ecad53a9c1d3696f539ffa014a4f
3a420d8bb78b8f4f00b11484050f2940594e86cf3a956f38bb1761adde8a1510
3d74b859c3b93a7b1a3282101b74b921e4221c3f2194a64060a6feac81d70b7e
3ddebf70c79ef3a7bd79cdfbab63bdb0b20a6d266d6dedde77e920215db809d8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f15b248094422f252d5b490dc4bd3a367901f3d8c889584b36cfbf4f31d513f
3fc5d0fecb447bacc1f3f06ce47e111a057958955cf8ede38e404ea17e1578b1
42a32994b96ae9e55688f0b035cf97c708af8a43ce41402e114109bd85b356b6
42b917574b00dc2d80d331eedd742aa3affe86a931b55e37de2010c271bc8410
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
486cff0c11037d55d460665863bf35222b1beeaf4f1a463c831fa46f042d6bb2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6ff08ac67570999d01bd180810f582793a463866a2c4a39a6ccd39420f3a29
4a880ca860b0dfd58886aeb5566f01ed3e6824f4223c98c6bf839d1196047c42
4c251997d57e44ce82f171033958a347b53b824f4637db8dea44c6f7919862fb
4d4d8f4b29eb5d3ee9d8a9f35ed7bc7c481059fe3f440573a557344829be074f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518600d08e9f5f8eabc37fbd362f31adc82ea97ab63ff38126df11c2f0ffd85d
51baf8f093d9035b6bc41dc01a1893097d607b21fc4b26bb33827d07d151c5dc
5245da93535d7d95f1c50c9476cc76c60884bb623b869943c115f576a0548479
52fc9faafd981b2a1b767dce609b55c88f4c5816d8c67be2fe282c3c6139bd23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556d1c0c8b2d81fd4f36867861dd636686e87673af0b3fb8a4b81bdbaf56fe55
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578932c4091fbb4da472946b9f0baf6fa26b23296b61786d99e863e760afd990
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59fbfc419ceaccb8d9654a1d5f0dcb6d97716a86b6780de1f6de611eb985b6fc
5be8e095e2fd0837f7ceefffaf25b2aa3579180714c27f2d9cacfb0cc9f87872
5c6b38086f5a0f35a1026b74336e658e3d4765ad225aff5746a586457676eaa2
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5d642ca2e7830ea9c669fcca0622795b67adf4f27567724869a1ca6daf3d0184
5e326a51e4c8aa04d2f2e2e7ced1b4c71da954a5764f4203efae15534507618e
5f2ee9b9c8516ef84752b545a7fe18694eb377373b0d2ca3ccdf96ab0b5c3a15
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68d6440eaa7eda5364c4c7b8ce88fd73bffc0ba7edbbd40a98f0d03b6c63e747
69132eb2f05e13a4c63a410722925db45aee5c05b3cb792fcb602e890ee69860
6aa1ff4317f044b2877f4b976f83453bf56720d60d4023dcbfe9afcba9ad5f23
6b35d3452008af5edbdae6a409348d7e438965c529f943ea53c6e0d7474d7c61
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bafd2b1feab93e19b15dd831bfe1cc4c8181c780bbdc090aee02ffe3a500197
6d454836811751ba1e4aab9a00ef8a5655eb2d7989ab14ca4ba199704ae11e25
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
747c653f1f399c9ecef981d1c8d6788234000d67df69b2e9d4ff406b6bdb0c3c
7663e58e7d862654c5c1dfda8450e4aefe0cf4c7877b6395d4c7429fd30e8bf4
77edb639b1aec050b50ceb1c3947bdbc326a3b53c2c39a78cc7d5444cdb1fb48
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c
7a6ac5ebd6cb695776cb3abeb8af1db4364b8ca9402feaf2ed97af1e742b8c45
7ab3e9ed086ba5125079d02de3bbf7d00672003be1097989987d435917f72fe0
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7d9cb2cb4b7c4dd42526c2ba798d20c7dccf7dcc9def0ae8968fc87d17c39104
7e9e84cfacbfd1f40751fb754c9ac00f8a49435e1829de0933dd02c1687fcc97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
8419b65a0dfca5ed652610d9ece508a2858b0340aede701cab77c19246b36032
88109bb48d8d467bebe4dacf3ba8233ff2acb2282eac443579bb77dcf4ddfb29
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8c0ef66f614cd603094c2f401196c06be3a119d1219e872c44548f7da030f396
8d22341f68e20d3487a0f5ddb61f01a9303fd39b6025b0a9a4eb2ed7350bf442
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6dd1896697508ea1cc1c6ca540a793f0fe81dcb672ea9d142eec2bdeec9af7
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8eab781381613af4f57c3d9055b21f3ab327a9b5c4db46c3842b5dcd52b62f10
8ee395b358a3541aab810e49c3848842b46f62de07981079da3b98ef3e21d84b
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95342346629d7782d976bf75fa34906fb0fd0569e0a4c3bb36eedf4bd370b755
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b3c42aa413d0f3dd20e300f61688feb4ac8baab09dfcc25dbf1cb780b8d693b
9e16db4f2a59fc2f08c254fd4a9ac7502071c581af82f1bd7e5371c7705d8da2
9eb41b821987d17c2eeeaa874a757a1deae423cb1981f2334ce181ab6018ab13
9f018540529cec6702cb58af04fa367b56ce28e7360ba7f44d37dfd9463e94e5
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a7abef4b3776c5a08fb1199bef6891ea36ca5c7d713974f9ddbb5689d65b981e
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
addcde93d707ccea300c55822ceaef078c181ae0f7557eb1965e9016fc16cfbd
adfefec9547f03b56e25ee1938a6b960f8dc52a1528dd71ecb7b8cf9aa0ca1c8
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b04b973a6b9c5fc2325b151e767f262deab0bbd4e8c87caaabb0419a125063ca
b0929d808f5debc5c6a30142552d75310252922d0ad88b44076a951728a13aed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3629dc07b8f31020ea260cb8a39c22c1ada03e66ebbb852bb5130ffab3d6a1c
b40e2500d11affb66d506fe16c9a41c3f06cdb5c781b44bbd98bcffc39140096
b5592fb740954d5a92e2c24d18ddc4af2e53d42da3ad30e2a44c793d49a45f69
b78fda59eb8b6bf04ef48190dd1dc7701d13685368111fd6ecf42b979445815d
b99081753423c8bbf7f9f844fea17a8be9a5a620754839a5d5e1a76e23a1ed82
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd9e4ed7600a52f90a7dad607abd4470b224c4467d61a0b0167fbb8cdd8e809
be01b79a9d29bf45cd7cca11973b54d135434eafebb9a52ec5931e9cdcc17068
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c079c3c66c3fb4e3c7feb0f039e3547dd82f8216d880aca1024c558ec52211ed
c1c3837e971eee6231e1cf1d87ed2290d6507864d2219896a2f8be1b3a4b3492
c21484302ebf80a08dadc2c12b247de671fc5c3064b1d4f9d042925feb3f7110
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c432b25f3773ab36cc24ebd416c0473009a72dc4c58d90ca597284683222bd4b
c5e40336c0a18f9be845a21f3876f7023231e18d3f9fa18a093614dca8b78bc5
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cea22d911e92222dbfede091756ddef209ca86a941285df534ee94e93fd31e3e
cf1e913b78112623c2ef119fdd078a2f6f8fe8e9700e895576934cfd0208e79a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d768bfd4ada17a45992f7ce9bb30f1bcfc2938251620e50c242696f0ea76ccf3
d8957691e3691ae1bfb96926483c5df7864a904ed4328c41e5b3a2fdbd4d2182
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed
e1027d217430781b1e1d6d7d32a8b7c56ac7c31807b56a79ff00a446fb4d5883
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82aeed7c5b6132d40c31a3c5d547e3259bd25d96820b1a863785da2289f78fc
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebe50d0db7b31a6fd68843827f50f1e6e4f960e5506ffbcf11867362d2e5b183
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bf1114e6ee9af76215e224bde2e345a41a16036d400bb229967305f28e86a9
f1fba9ece83b16906da79bed1373a3997e1af80e1f96f03ebacd60ee60614350
f225637a1bf45e162a500b29cfe8971759957b7881bff5b16c074f6f291f570d
f4e72871890aede7d8a3fbf9e01cf6682baee76ac38012b403b5a1e6f61deddc
f64bc87e5639e957bad1eb1210185fcad42c1354f9f602ea52fef1f282886ecd
f78884cc9b251503cdeb8b221838cb30c507f997aee521569f8053af318812d4
f7fc64440f3353cb63c713aa3271fd0850688ef47bb855d8533d103754811c15
f9f6db1f1476b4c9a4ba57f73b5e74add70475f5ee59760afb51d71215dae828
fbedc9a20f53c8194d39245860b6c2398395081e4f738a4ed5ea1baf02075aa7
fce7e8e49834a09ac8eb2ac633fd1e3c5e5b6c2a8897bec9c7f2b25e69622f3c
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
fef1c4a46034a481f647cd7d8a6f9693d05224c6881c327e7a89a65a2ed5ee36
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fff27cb185a139aa502468d8a3598efe8a9ea87135478304bf08191f99841b02