whale-alert.io Open in urlscan Pro
2606:4700:3031::6815:1c31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Submission: On November 26 via api (November 26th 2021, 6:31:44 pm UTC) from US — Scanned from DE

Summary HTTP 162 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 59 IPs in 6 countries across 65 domains to perform 162 HTTP transactions. The main IP is 2606:4700:3031::6815:1c31, located in United States and belongs to CLOUDFLARENET, US. The main domain is whale-alert.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time whale-alert.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3031::6815:1c31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.214.91.80 3.214.91.80	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c001... 2602:803:c001::200:194	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.48.128.83 52.48.128.83	16509 (AMAZON-02) (AMAZON-02)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	185.85.241.235 185.85.241.235	49683 (MASSIVEGRID) (MASSIVEGRID)
3	2a03:b0c0:3:e... 2a03:b0c0:3:e0::21f:7001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:58a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:1585	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.107.160.24 104.107.160.24	() ()
1	2620:1ec:46::44 2620:1ec:46::44	() ()
2	184.87.212.214 184.87.212.214	() ()
1 5	104.92.74.8 104.92.74.8	() ()
1	184.87.212.200 184.87.212.200	() ()
1	198.47.127.19 198.47.127.19	() ()
2	104.16.200.58 104.16.200.58	() ()
3 4	37.157.2.236 37.157.2.236	() ()
2 2	213.155.156.167 213.155.156.167	() ()
8	185.64.190.80 185.64.190.80	() ()
4 4	185.29.132.245 185.29.132.245	() ()
1	198.47.127.20 198.47.127.20	() ()
1 2	51.210.112.236 51.210.112.236	() ()
2 2	34.254.143.3 34.254.143.3	() ()
3 5	216.58.212.130 216.58.212.130	() ()
1	169.50.137.182 169.50.137.182	() ()
3 4	15.197.193.217 15.197.193.217	() ()
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	() ()
1 1	69.173.144.138 69.173.144.138	() ()
3	69.173.144.165 69.173.144.165	() ()
3 3	151.101.2.49 151.101.2.49	() ()
1	35.244.174.68 35.244.174.68	() ()
5	34.254.122.11 34.254.122.11	() ()
1	185.86.139.104 185.86.139.104	() ()
1 2	216.52.2.48 216.52.2.48	() ()
2 2	193.0.160.129 193.0.160.129	() ()
1	178.162.133.149 178.162.133.149	() ()
2	2606:4700::68... 2606:4700::6810:4036	() ()
162	59

16 2606:4700:3031::6815:1c31 (United States)

ASN13335 (CLOUDFLARENET, US)

whale-alert.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.100 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c001::200:194 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.128.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-128-83.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

buysellads-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.241.235 (Frankfurt am Main, Germany)

ASN49683 (MASSIVEGRID, GB)

appspb.cointraffic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:b0c0:3:e0::21f:7001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

request.czilladx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
request-global.czilladx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:58a5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.coinzilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1585 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.coinzilla.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.nl.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.107.160.24 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.87.212.214 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.92.74.8 (None, ) 1 redirects

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.87.212.200 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.200.58 (None, )

ASN- ()

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.236 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.245 (None, ) 4 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.236 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (None, ) 3 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (None, ) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, ) 1 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (None, ) 3 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.254.122.11 (None, )

ASN- ()

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (None, ) 1 redirects

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (None, ) 2 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4036 (None, )

ASN- ()

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	whale-alert.io whale-alert.io	705 KB
13	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com	16 KB
10	googlesyndication.com pagead2.googlesyndication.com 6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com tpc.googlesyndication.com	48 KB
10	rubiconproject.com 2 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com secure-assets.rubiconproject.com	23 KB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net Failed	127 KB
6	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com	21 KB
5	gumgum.com g2.gumgum.com rtb.gumgum.com Failed	2 KB
5	servenobid.com ads.servenobid.com public.servenobid.com	5 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	onetag-sys.com onetag-sys.com	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	183 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	740 B
3	criteo.net static.criteo.net csm.nl.eu.criteo.net	53 KB
3	czilladx.com request.czilladx.com request-global.czilladx.com	4 KB
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	buysellads.net cdn4.buysellads.net	204 KB
3	google.com www.google.com adservice.google.com	2 KB
2	glotgrx.com pre.glotgrx.com	392 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	yabidos.com pixel.yabidos.com	25 KB
2	openx.net buysellads-d.openx.net u.openx.net	470 B
2	yahoo.com c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com Failed	383 B
2	media.net prebid.media.net contextual.media.net	9 KB
2	criteo.com bidder.criteo.com gum.criteo.com mug.criteo.com Failed dis.criteo.com Failed	5 KB
2	mantisadnetwork.com mantodea.mantisadnetwork.com ecs.mantisadnetwork.com Failed	829 B
2	googletagservices.com www.googletagservices.com	63 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	jsdelivr.net cdn.jsdelivr.net	11 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	sonobi.com sync.go.sonobi.com	474 B
1	smartadserver.com ssbsync.smartadserver.com rtb-csync.smartadserver.com Failed	1010 B
1	rlcdn.com id.rlcdn.com
1	quantserve.com 1 redirects pixel.quantserve.com	544 B
1	simpli.fi um.simpli.fi	618 B
1	coinzilla.io cdn.coinzilla.io	224 KB
1	coinzilla.com cdn.coinzilla.com	3 KB
1	google.de adservice.google.de	792 B
1	cointraffic.io appspb.cointraffic.io	450 B
1	omnitagjs.com hb-api.omnitagjs.com	706 B
1	googletagmanager.com www.googletagmanager.com	36 KB
0	socdm.com Failed tg.socdm.com Failed
0	emxdgt.com Failed cs.emxdgt.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	adotmob.com Failed sync.adotmob.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	opera.com Failed t.adx.opera.com Failed
0	a-mo.net Failed prebid.a-mo.net Failed
0	postrelease.com Failed jadserve.postrelease.com Failed
0	unrulymedia.com Failed sync.targeting.unrulymedia.com Failed
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed
0	33across.com Failed pixel.33across.com Failed ssc-cms.33across.com Failed
162	65

	Domain	Requested by
16	whale-alert.io	whale-alert.io
5	cm.g.doubleclick.net	ads.pubmatic.com g2.gumgum.com
5	image2.pubmatic.com	ads.pubmatic.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	ib.adnxs.com	3 redirects cdn4.buysellads.net acdn.adnxs.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	rtb.gumgum.com	g2.gumgum.com
4	match.adsrvr.org	3 redirects
4	sync.mathtag.com	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	eus.rubiconproject.com	cdn4.buysellads.net eus.rubiconproject.com g2.gumgum.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
4	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssbsync.smartadserver.com g2.gumgum.com
3	sync-tm.everesttech.net	3 redirects
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn4.buysellads.net	whale-alert.io
2	pre.glotgrx.com	mantodea.mantisadnetwork.com
2	p.rfihub.com	2 redirects
2	ce.lijit.com	1 redirects public.servenobid.com
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	pixel.yabidos.com	mantodea.mantisadnetwork.com pixel.yabidos.com
2	ads.pubmatic.com	cdn4.buysellads.net g2.gumgum.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	request.czilladx.com	cdn4.buysellads.net
2	c2shb.ssp.yahoo.com	cdn4.buysellads.net
2	mantodea.mantisadnetwork.com	cdn4.buysellads.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	www.googletagservices.com	cdn4.buysellads.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	whale-alert.io tpc.googlesyndication.com
2	www.google.com	whale-alert.io tpc.googlesyndication.com
2	fonts.googleapis.com	whale-alert.io
1	secure-assets.rubiconproject.com	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	ssbsync.smartadserver.com	public.servenobid.com g2.gumgum.com
1	g2.gumgum.com	public.servenobid.com
1	id.rlcdn.com
1	token.rubiconproject.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	u.openx.net	cdn4.buysellads.net
1	contextual.media.net	cdn4.buysellads.net
1	csm.nl.eu.criteo.net	gum.criteo.com
1	gum.criteo.com	static.criteo.net
1	cdn.coinzilla.io	text
1	cdn.coinzilla.com	request-global.czilladx.com
1	request-global.czilladx.com	cdn.jsdelivr.net
1	6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	appspb.cointraffic.io	cdn4.buysellads.net
1	buysellads-d.openx.net	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	fastlane.rubiconproject.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	whale-alert.io
0	tg.socdm.com Failed	g2.gumgum.com
0	cs.emxdgt.com Failed	g2.gumgum.com
0	ssc-cms.33across.com Failed	g2.gumgum.com
0	ad.360yield.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.technoratimedia.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	pr-bh.ybp.yahoo.com Failed	g2.gumgum.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	bh.contextweb.com Failed	g2.gumgum.com
0	b1sync.zemanta.com Failed	g2.gumgum.com
0	sync.srv.stackadapt.com Failed	g2.gumgum.com
0	x.bidswitch.net Failed	g2.gumgum.com
0	rtb-csync.smartadserver.com Failed	ssbsync.smartadserver.com
0	sync.adotmob.com Failed	ssbsync.smartadserver.com
0	match.prod.bidr.io Failed	ssbsync.smartadserver.com
0	t.adx.opera.com Failed	public.servenobid.com
0	prebid.a-mo.net Failed	public.servenobid.com
0	jadserve.postrelease.com Failed	public.servenobid.com
0	sync.targeting.unrulymedia.com Failed	public.servenobid.com
0	ssum-sec.casalemedia.com Failed	public.servenobid.com
0	pixel.33across.com Failed	public.servenobid.com
0	dis.criteo.com Failed	ads.pubmatic.com
0	ecs.mantisadnetwork.com Failed	mantodea.mantisadnetwork.com
0	mug.criteo.com Failed
162	94

This site contains links to these domains. Also see Links.

Domain
docs.whale-alert.io
medium.com
tronscan.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.mantisadnetwork.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
appspb.cointraffic.io Gandi Standard SSL CA 2	`2021-08-23` - `2022-08-31`	a year	crt.sh
coinzilla.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.nl.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-09` - `2022-02-06`	3 months	crt.sh
public.servenobid.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-22` - `2022-05-22`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2020-12-14` - `2022-01-12`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Frame ID: 187ABE10983338C0AB3ACB6A64685F2E
Requests: 61 HTTP requests in this frame

Frame: https://6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AD15C8C9F0A3D6FFCBBC658D55A5F3B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 505EBCA25454EDFEDC2A1F242B3761ED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6AD72B4896CAF04B9ACFBE74925AA5D3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E09A75081143707F4E261F9B7148ABCD
Requests: 8 HTTP requests in this frame

Frame: https://request-global.czilladx.com/serve/view.php?w=728&h=90&z=66260d2e5f030511463&c=65618e7965aca48780&n=1c1ad0d8cbc2223ceb5a4c34c73401b16a7d69c08f054c474db090d5e60c0011&integrity=eyJrZXkiOiI4MmIzMzc1MTVjYWUwZDk5ZGZkMzZiYmQ5ZjYyZjcwMWM2YzFhNmRiNTllZTg1NDg0MDk0NDMwYzBhYWY4NTA0IiwidGltZXN0YW1wIjoxNjM3OTUxNTAwLjYyNDAzNCwiaWRlbnRpZmllciI6IjI2Mjk5NDA5ZDQwZTQwMTM3MzkyYjY1YmFjOTRiNDYwN2U3YTE0ODQzNjA1NTdmZjk0MzYyNjQ0NzYwOTg0YjEifQ
Frame ID: 6DDB1F6CF882FD96369802A437CF216A
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: A0A0C4E9EBDCE096E0678CB6F2CCE388
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=whale-alert.io
Frame ID: 3C491376B17E7447BCD24E81EACEFCE7
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1637951500607
Frame ID: 630078A2EF57147E25E977A7BA636530
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C237%2C2025%2C117%2C97%2C99%2C55%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C9%2C2011%2C3022%2C3020%2C172%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C229%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: EF42841A73194A27A9C99D098BA1D2A7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9EB307BE3A4EE05DAA958EA1472DA70F
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B3DE6750A8376DCBA6424A5AB48F9235
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: A36263121D7ADC7C3E5BB9830CEEB159
Requests: 13 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1637951500917&secure=true&version=9&uuid=bb1fdf3a-f1f8-4319-9266-9292e8387f33&title=Whale%20Alert%20%7C%20Transaction%20Details&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Frame ID: F0234499EE653C1C443113A9DA387B9F
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7B15D9C4B8E781AC25553BE297F28D90
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2B287120B28C9FB184AAB33A4C27F7A6
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA
Frame ID: 25F346026E40EAF74E3C665C55EC8864
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3161441608773694398
Frame ID: 1A24BB911C80CD5A617C6C92A6FCC977
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 47CD5982999B7189E78F21D822E30D61
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: EF1A943287C82CB8616DAC5EF8CE0A9E
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 3E0475C987EE7840612AD7B630C93E60
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 8CAAB791CF4F7D77A17F55F3DE41F95C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 7EE5D8FF8CAABDD0E6860F2FFD8843B1
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 256B3FC67D62232F7827FB401EF6B61E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: D5FBF8CFFCC1AC8F41EAF8FBDDE14DC5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=e678254f-db57-4cd4-a885-4526ad761d9a&t=1640543504
Frame ID: 64C19918295248F0E6ADEE35C93B7203
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3B569955A069C56160381BC082368E46
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=2e9561a1-2810-4100-8775-8f6b4c1dcad4&gdpr=0&gdpr_consent=
Frame ID: 5B35FFA2C68CFD9509A69EB34276C551
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YaEoEAAHf1YSUwBR&gdpr=0&gdpr_consent=
Frame ID: E94E3A3B5D5D0AFB72BEE22C2EDF807C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mOWUzOWM5ZS1mZjc5LTQ0ZTgtOWVkMy0xZTg4MmQ5YTM3ZGY=&gdpr=0&gdpr_consent=
Frame ID: 277B5344E93B08241EC4C9C8B0C956C8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 89D1D09F3EB5FB5B942B6CB11549878C
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 60D34E45A64482B149C9276318FADB4B
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 957D417DFB01F9B45318E5EC672131D5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=5107433821850461864
Frame ID: 143CF36413F20566B55641A686EE91ED
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=sth62qwlunzaANIGwQCR&pi=gumgum&tc=1
Frame ID: F389C90A4D1D4A068C465F6F09B0272C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whale Alert | Transaction Details

Page Statistics

162
Requests

67 %
HTTPS

39 %
IPv6

65
Domains

94
Subdomains

59
IPs

6
Countries

1821 kB
Transfer

4437 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.whale-alert.io/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://medium.com/@whale_alert/the-satoshi-fortune-e49cf73f9a9b?sk=0a512ed3f78b286ba57e9c75b0c0860a
Title: Medium

Search URL Search Domain Scan URL

URL: https://tronscan.org/#/transaction/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Title: View transaction in tronscan.org

Search URL Search Domain Scan URL

URL: https://tronscan.org/#/address/TBPxhVAsuzoFnKyXtc1o2UySEydPHgATto
Title: View address in tronscan.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://gum.criteo.com/sid/json?origin=publishertag&domain=whale-alert.io&sn=ChromeSyncframe&so=0&topUrl=whale-alert.io&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kS1Qonw1OVVxeTNjNW56bkpJbTR3UDl1cEFzYWI5SUN1YXlJUmtlTVdwRGVBeW54bW5xeXR6Q1JTTU1HMHJadEpJT0prc3N4NU9lVldzYVcxT2lJSy9KcjgxVDg1UlJOU0xVTkZSNU5lell0RWFJVmJEdnhVYTdqQnhwd2lFY1UzTlhFdWdIZDZsNG9Kb1ZKa1ZHeUdxOFZlb2VLVDBkSFFFSTdqYllwWjQ5YkVrVjhUbkFMdW5ILzRWc25lUWxLWE1qVjNQcE1TZHRZNS9PcVZsMTVyYnVGSUZEaGVzODZ1dCs0QUlJcGYyQWZPeGg3N2JuZVArSURBRHNxSkRreFZENHJrK1dQRUNnVTA0RVBPTEd3YXBFQkU1QT09fA&cppv=2

Request Chain 90

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 92

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=e678254f-db57-4cd4-a885-4526ad761d9a

Request Chain 93

https://c1.adform.net/serving/cookie/match?party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA

Request Chain 94

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3161441608773694398

Request Chain 97

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1d0961a1-2810-4400-9c6a-b2eb893187d4

Request Chain 98

https://pixel.onaudience.com/?partner=214&mapped=8562F436-5339-4616-9A36-92C6111BD0CA HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=75294fa7fc1a268e4e2986069164d158

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU2MkY0MzYtNTMzOS00NjE2LTlBMzYtOTJDNjExMUJEMENB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP5REFM7GwJ-61wpirkEIb0&google_cver=1

Request Chain 102

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a6661a1-2810-4600-9aca-2903c9da9f10&gdpr=0&gdpr_consent=

Request Chain 103

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3193111019009802907

Request Chain 104

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e678254f-db57-4cd4-a885-4526ad761d9a

Request Chain 105

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8522732346245329597&gdpr=0&gdpr_consent=

Request Chain 106

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zFwXWshVR1vXDkRbyVxbD8wIR1LXWBJYyVQ3ILHS

Request Chain 108

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHUTE2WFUtMVEtMkRJVA==

Request Chain 109

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2e9561a1-2810-4100-8775-8f6b4c1dcad4

Request Chain 110

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YaEoEAAHf1YSUwBR HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaEoEAAHf1YSUwBR&_test=YaEoEAAHf1YSUwBR

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKYvm7V-1EG1vjyp2cvawnA&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8522732346245329597

Request Chain 122

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Request Chain 123

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8275620499 HTTP 302
https://sync.1rx.io/usersync/tradedesk/e678254f-db57-4cd4-a885-4526ad761d9a HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8483c52c-921c-4215-99aa-86266ed147e1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-8483c52c-921c-4215-99aa-86266ed147e1-003

Request Chain 125

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5107433821850461864

Request Chain 134

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=88acdaad-00be-4ecb-92d2-25710727ca6b&gdpr_consent=null&gdpr=0

Request Chain 135

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8522732346245329597&gdpr=0&gdpr_consent=

Request Chain 136

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=8522732346245329597

Request Chain 140

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8483c52c-921c-4215-99aa-86266ed147e1-003&rndcb=371885205

Request Chain 143

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=db9026cd-bfb4-4c2c-9861-5139117205a5

Request Chain 152

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=e678254f-db57-4cd4-a885-4526ad761d9a&t=1640543504

Request Chain 153

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 154

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=2e9561a1-2810-4100-8775-8f6b4c1dcad4&gdpr=0&gdpr_consent=

Request Chain 155

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YaEoEAAHf1YSUwBR&gdpr=0&gdpr_consent=

Request Chain 160

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=5107433821850461864

Request Chain 161

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=sth62qwlunzaANIGwQCR&pi=gumgum&tc=1

162 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142 Show response
whale-alert.io/transaction/tron/ 12 KB
5 KB 157ms
123ms Document
text/html 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c439d8c0ade482d5852178b0acce3a83d4fab25d1cfccc3b41dadce698d36989

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-type: text/html; charset=utf-8
vary: Cookie
x-frame-options: deny
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFWFryyH6UQpkv48P71Kt%2B3FQ0KN%2F6kxdEncCJtt1TWRf8zI5b1nu9XEPhtDGcAuUmEAKgFkTzx7VFPnkn23Fif9KVeAmK%2B3IKSEgFHpJ6hBK4YRZt%2BEhpEMex7iKxLP4a8kfN8TBRIGikwpqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b4531e8e94e5c74-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134300763-1

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeab895c115190a3d5a005162fed96efdc7fe3fc494a1b0af4841a1e94aa0669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36129
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Nov 2021 18:31:39 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 41ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

faf96279daab880f59aee01a4ad999db2ca6eca9fb1c9d2c15ef07a93e216f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 18:31:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 18:31:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 18:31:39 GMT

GET
H2 200 preload.min.css
whale-alert.io/assets/css/ 692 B
661 B 20ms
18ms Stylesheet
text/css 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/css/preload.min.css

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3705044fa855412ab95c073eaf7a6644a410f1b379f75e0262dda7b44806ac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:26 GMT
server: cloudflare
age: 4868
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzFN0xXSoGdlDODQ9jmTyfuyG9eo6nQeTn7nXnkmjfzlY5z6Y2S1OMTlzw5rjBj44gCwUVlDJoKQBYZslRYtfKAJTkYHPnVBp9yW7uOGUTL6%2BSssApnMsbfIzfUKbjEqTwuY%2FEPySmnfu8Bh4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531e9cc205c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 plugins.min.css
whale-alert.io/assets/css/ 411 KB
58 KB 25ms
23ms Stylesheet
text/css 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/css/plugins.min.css

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b463df7f17816e35d2241f72f1001c67609c8370dd3e71fd44edce897583c7e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:26 GMT
server: cloudflare
age: 4868
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwZBEtB69ztJZTuDoQTo%2BjBZM3cXJpsWQ%2FHS8nT173X3ejBzleHwXV7jY7LENZGmCxrDY4ZzNHw0cAOaxcoBnO3zCihwTFFeBU5d7T7dDtjwTWeO44XEbYc4kWSumui1b14TwYzIxeGVUi7G9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531e9cc285c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.light-blue-500.min.css
whale-alert.io/assets/css/ 348 KB
47 KB 36ms
35ms Stylesheet
text/css 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/css/style.light-blue-500.min.css

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c999102bbba0caf9ffcaeb8c8a789e982062aaf313ab9b30aec58d332281a0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:29 GMT
server: cloudflare
age: 4867
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2Fi95e7sSh1noUdnTJa9OTZ%2BAimlvuQc3i1GUiCcx3UucZlKDkb8ZxyCN%2FsRE0z5r8kaHvtXOG4Phjg%2FM4jnFjXSkTCfx5qqWFs2cj69luQ54pm7vXD4Gab%2BtHzh1lcoQj6%2BQ9aVW4aw48XknA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531e9cc315c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 39ms
16ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 18:31:39 GMT

GET
H3 200 logo-small-35.png
whale-alert.io/assets/images/ 2 KB
2 KB 40ms
39ms Image
image/png 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/images/logo-small-35.png

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c43da5147026d0a2716f732f167178d3324f4af43eac304497db3d460bf083e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:36 GMT
server: cloudflare
age: 3813
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pG0xqRaCZUXlo%2Fq6XajPtDRzDt%2B7H%2BIKGrK4IdsC55RLUpTt1Hbi%2BZaWPUkJbNa1lGjHU2tyKqwJjS19ZM%2BvJOpljZtTUrXt0fQFjoBaiV4wqQFhpuhAQVNm1Zn1Giy%2BzttIEjREAJZmDQKFEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ea5ef51e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1906

GET
H3 200 tron-30.png
whale-alert.io/assets/images/ 1 KB
2 KB 30ms
29ms Image
image/png 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/images/tron-30.png

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a437c58996fc46b3ad5eceb9805abd71146085881f49461f4575005bbc665f6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:36 GMT
server: cloudflare
age: 4196
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kB2ZBZOK5Ib8A7mWhYQYwGCtdeHtkGF%2FI1JUKjBwjGrR9EoAmWM%2FdHhGmwXBcEBtBVKYsTSEZltOsb%2F3nVqoU%2BSt3ZZ2XK7LSj6STzIB2pd6YS%2BrImbuDsOEIV1ja5Yh7Vj3gl07O0h0we35DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ea5f0b1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1277

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
2 KB 44ms
26ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38980
x-jsd-version: 2.2.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b4531ea38a52c3a-FRA

GET
H3 200 email-decode.min.js Show response
whale-alert.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whXJOlVm0Y9p4WUiE%2BVPdhpl%2BeRHdMnprZxjHuAKqL7OJp4%2FUm5mbSzuqqpVTnYRIZJvpkPWwR4Ww7ByXquovIYuRKmmPIGe4YB46gKaUtXLtJnUX1WD2aAeuCVRzdTwXKzxUR9K0Xqq%2BJ3FKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531ea5ee41e47-FRA
vary: Accept-Encoding
expires: Sun, 28 Nov 2021 18:31:39 GMT

GET
H3 200 plugins.min.js Show response
whale-alert.io/assets/js/ 779 KB
233 KB 123ms
123ms Script
text/javascript 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/js/plugins.min.js

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d8bd2b393d4e39012752384ae91b4676a41f5e4152f43fbf0ba2c2c5393fac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:48 GMT
server: cloudflare
age: 4867
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgllIIdURmxcsvqCAxS8FGUexxqupiSa9d8bql7LShOxTZfwLBPOaaxqlgU6mPsZWZkoGGyBIjdFlYxhBcnxyXqYH%2BdoXysBWDaGdFdKQAYuuhKJ%2BfwN7a%2Fh%2FX%2F%2Fa%2BaNIwPPyQWf0WbxOuwOfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531ea5ee91e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 app.min.js Show response
whale-alert.io/assets/js/ 18 KB
5 KB 46ms
45ms Script
text/javascript 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/js/app.min.js

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2726adbe7a277ed43ba5153855413c0e00db1794048e387414a10297687abe23

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:47 GMT
server: cloudflare
age: 4867
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN%2FXeT2IypcocM63vZjlgHwsQqfv7fIKA4wCANfq48e89uQ%2BwpPZ1wbVJUkNNLaPbtptajlF6yDwdY8izoVNwItzDT8WDQIVzDHn5BN16uadqSB3%2Fv1CvbGWr3VGdOh1sOelGyo5kzpKZiNKnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531ea5eec1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ 10 KB
841 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Indie+Flower

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/style.light-blue-500.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9250dc80e8486ed058dd85d5ebe4066864d2c3ea540324e87bb9a98f6e8ff144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 17:26:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 18:31:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 18:31:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134300763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3396
date: Fri, 26 Nov 2021 17:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Nov 2021 19:35:03 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://whale-alert.io/
Origin: https://whale-alert.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 16:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 26 Nov 2022 16:47:44 GMT

GET
H2 200 whalealert.js Show response
cdn4.buysellads.net/pub/ 573 KB
203 KB 56ms
13ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Requested by: Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3a8e53d970d7799a69e359506fc74473c49d529900e1a49b79c4cd398f035525

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 18:27:39 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 9HB1ZAV97Y0677AZ
etag: W/"76f59347ca3565a105abfdd2f732f9c3"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: w4eFrfcr6lh1ALvnfPsHv2rKi7RPnb68qsmIW0LD/8a9W9GYaKYUQCipV4JIr3tn9aLDvqQ3scE=
expires: Mon, 21 Nov 2022 18:31:39 GMT

GET
H3 200 skyline.jpg
whale-alert.io/assets/img/ 223 KB
224 KB 91ms
90ms Image
image/jpeg 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/img/skyline.jpg

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/style.light-blue-500.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c13bdd98dffa488ef0d7e254df4352439599455a5c6657c35f5055b38d71a7d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/assets/css/style.light-blue-500.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:38 GMT
server: cloudflare
age: 6069
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9Zh9X%2FIYk9%2BkKL2Tz6cvywX%2B9gKQlr2vU6g4m9SzK6xUdUZJmYh66ezII9y0GYqHJmFs7sKGh8iOQ5jlMgMwAn7HIO0IMoQzMT4xnD2%2Fwber9pn1W2c3hFjQe%2B7WQONU60hrEZRuqtApCgY9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ea6f1c1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 228605

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whale-alert.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:58:32 GMT
x-content-type-options: nosniff
age: 174787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:58:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whale-alert.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 17511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H3 200 Material-Design-Iconic-Font.woff2
whale-alert.io/assets/fonts/ 37 KB
38 KB 29ms
29ms Font
font/woff 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/plugins.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://whale-alert.io/assets/css/plugins.min.css
Origin: https://whale-alert.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:34 GMT
server: cloudflare
age: 2141
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaLwkrkOwB40VySmCkh%2F%2FGpEX95Wi1N7rKCrlcc83Pvv0q8ZHnqvydrClAOxg4Fg7UQOqERMb%2BmmEHVZXl10CO0j9ucgs4zoigBGB8Z5A6p4EiJyu2emTjkUEaLzL%2B33jTVF752jQKhXieHYaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ea6f251e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38384

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Indie+Flower

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://whale-alert.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 174920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H3 200 fontawesome-webfont.woff2
whale-alert.io/assets/fonts/ 75 KB
76 KB 251ms
250ms Font
font/woff 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whale-alert.io/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/plugins.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://whale-alert.io/assets/css/plugins.min.css
Origin: https://whale-alert.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:33 GMT
server: cloudflare
age: 2141
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYherfhwe67fBAUjCXLg9EOjv7wYCF%2F4gdu6HsZho%2F1wk85zrhMCD%2F%2FIDD7EBW0I%2BsRTtt3mlZPnTATiodm3fIdhE3op2qiWNEZQ7wucknKIAFdEthjEw19Lo15n7weJpjvl5J%2FoknYLO6iWpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ea6f351e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1440500373&t=pageview&_s=1&dl=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142&ul=en-us&de=UTF-8&dt=Whale%20Alert%20%7C%20Transaction%20Details&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1241290917&gjid=1152349105&cid=1502665619.1637951500&tid=UA-134300763-1&_gid=1189557077.1637951500&_r=1&gtm=2ouba1&z=401883375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://whale-alert.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1055 / 311 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 18:31:40 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
368 B 192ms
191ms Image
image/gif 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=4.108411222082417
Requested by: Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: CHHBEFA37CEP8HMD
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: Jt970H7omjbAb2+jG6GiUsfIzrPHoB4+TeP0T6hXSuphlBMaFM2Lfv3XJnHq2S69VeqBBOL8XK4=
expires: Mon, 21 Nov 2022 18:31:40 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
371 B 195ms
195ms Image
image/gif 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=4.108411222082417
Requested by: Host: whale-alert.io
URL: https://whale-alert.io/transaction/tron/c047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: CHHBV75JBRP82F0T
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: gRfBPjxd0pyy7QRx6LxS+y8KTKqJPTndYCu9FLmfh9VqHiQFPaEJvCBcqCd+j+s+vME3lFgCnoQ=
expires: Mon, 21 Nov 2022 18:31:40 GMT

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 44ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 18:31:40 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
684 B 36ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=whale-alert.io

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

27bb1ef6f09ce6311d24b212611b39ff5dd05f8207e37594dcb81ae369cf6dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48
x-xss-protection: 0
expires: Fri, 26 Nov 2021 18:31:40 GMT

GET
H3 200 prev.png
whale-alert.io/assets/img/ 1 KB
2 KB 29ms
28ms Image
image/png 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/img/prev.png

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/style.light-blue-500.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/assets/css/style.light-blue-500.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:38 GMT
server: cloudflare
age: 3061
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kBOx1y8097fp78vumuwaVWyrV6aqBg8Nx%2B%2BitFU92lpDrawSLc6ojIStbvmgnEbqeVw1wY6jdIg6qyrh27kAZJUNeXeSJNy29OhSsHQNaP5ju%2Fz%2FW4gI816qVAHFM87vuvAn%2BS5MXtFaicblg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ebe9df1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1360

GET
H3 200 next.png
whale-alert.io/assets/img/ 1 KB
2 KB 52ms
51ms Image
image/png 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/img/next.png

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/style.light-blue-500.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/assets/css/style.light-blue-500.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:38 GMT
server: cloudflare
age: 3061
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfuJ2B85RcT7BUP6UnynJDUmsEJHtqCMRYrzGTpN%2FHZUY5ircHzNDZHUHHun3M5NZUGuHs4ufmjyDOLu14VlfgvS6Uqg8nCZHwlfysjGck0g%2BSfUbiK3T%2BCZgZxpKiiDMw%2FOyek9BUkvk0GnWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ebe9e41e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1350

GET
H3 200 loading.gif
whale-alert.io/assets/img/ 8 KB
9 KB 29ms
28ms Image
image/gif 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/img/loading.gif

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/style.light-blue-500.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/assets/css/style.light-blue-500.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:38 GMT
server: cloudflare
age: 3061
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy7Qdq6k5SQEIt7McHAJwppufRJxtxoYzl9Amscqyu9kmOLh9A3c%2BEsTzHOICF5z2QL3xKGe%2BNw%2BEiXK8NHq446hmt4X1SlpAA2bUX5u%2BjxwYtE%2Bl1gxXhfXXFwgqNOh4%2BMbAJhpJMFRa90blQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ebe9ea1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8476

GET
H3 200 close.png
whale-alert.io/assets/img/ 280 B
849 B 32ms
32ms Image
image/png 2606:4700:3031::6815:1c31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whale-alert.io/assets/img/close.png

Requested by

Host: whale-alert.io
URL: https://whale-alert.io/assets/css/style.light-blue-500.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:1c31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/assets/css/style.light-blue-500.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 19:33:37 GMT
server: cloudflare
age: 3061
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLAuX8UAZnztkJ7OB9TN39mv5tjT865WGE%2Bp5NUy7JyKwfOGN2o5ha4IVtSzT0VS9MRBvnVokLCaJWAkuphKYKdb3HK%2BuO5y4q3YbjNXtfGluaPTIM6sKWLAr53GF4JeHInfCcXZLRvPctMayw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6b4531ebe9eb1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 280

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
966 B 47ms
18ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13
content-type: application/javascript
x-amz-request-id: tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2: tx20fcbba173164c66b29ed-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7B5Hl%2BPDkactExELhddMcx7hAwIBChyEXK8EcRDn9%2FvfkbXVFI3PCqxKFe6HeAI4JVrRzMTglZiG7edZFeB5c3VJDw2SORJ3ZItLbHvWwva%2BUZ1kP1Qn0WsBFBAIGGreYsHzXPTCj%2BAp3hh"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1637227780937425
cache-control: public, max-age=1800
cf-ray: 6b4531eeaf6a4e2b-FRA
expires: Fri, 26 Nov 2021 19:01:40 GMT

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
339 B 352ms
128ms XHR
application/javascript 3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1637951500562&secure=true&version=9&title=Whale%20Alert%20%7C%20Transaction%20Details&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142&measurable=true&bids[0][bidId]=2b7c7692f66446&bids[0][config][property]=60b691c009d655000f837a57&bids[0][config][zone]=WhaleAlert_S2S_Leaderboard_ROS_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&property=60b691c009d655000f837a57&foo
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: 50a6a95bd77c095e5a26eed72a77c518a4c3ec57b204c607ba90ddf7a980dc38

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:40 GMT
x-powered-by: Express
etag: W/"38-vWvJ3eAq7tuKHiViboNW6vPqYXo"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://whale-alert.io
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 126ms
85ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://whale-alert.io
date: Fri, 26 Nov 2021 18:31:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
818 B 46ms
12ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

99f08991312c7e32c8dcfdae86d5263b23ee62b36f54a64a7610c77ae9ce78d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:40 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 86c2af8e-16b0-49e0-bfd4-d730ae056067
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://whale-alert.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
283 B 98ms
64ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=76136444093
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Nov 2021 18:31:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whale-alert.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 768ms
265ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=378470&zone_id=2090128&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,13173,1,,,&rf=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142&tk_flint=pbjs_lite_v4.43.0&x_source.tid=e5ce6126-d0d4-4d7e-80ad-3c150b5905b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7178613275405372
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 54d9a7741bed5ecb030209b1e91325cf72745cbee9a7ff5660c2338b76223a45

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:41 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://whale-alert.io
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
706 B 75ms
26ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142&PublisherDomain=https%3A%2F%2Fwhale-alert.io

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

c29798f8236ee8aa6c66e2536478ad29030a0c4136d8ade00aeacc147bf03064

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:40 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whale-alert.io
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
873 B 57ms
35ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a8aece42ead81eb36b4f6e28889a9cf4c960e2a412f7c6104ad3c2a557e2bbf0

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://whale-alert.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
510 B 57ms
26ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7acfb5df0761a486ebe1d7fd1bab75bfe774a8cde450cce79bef532a7b7f7107

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whale-alert.io
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6b4531eecb6f4e14-FRA
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 200 adreq Show response
ads.servenobid.com/ 529 B
589 B 133ms
60ms XHR
application/json 52.48.128.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=7116
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.128.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-128-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 225f753afe06602fc824f6da0aba95053834fea6ac8364f1f2f9fc0f7fad81f3

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://whale-alert.io
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 89ms
48ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c2c9818890567b586ead2bd2a6616d4f8317102b5838875a9f6f7f687fdabc38

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://whale-alert.io
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 117ms
76ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ad24c4de5e15be359074acb9a4d7ab3888c11251b1069a8a81cf062fa103b03d

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://whale-alert.io
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
buysellads-d.openx.net/w/1.0/ 73 B
379 B 42ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e5ce6126-d0d4-4d7e-80ad-3c150b5905b1%2Ce5ce6126-d0d4-4d7e-80ad-3c150b5905b1&nocache=1637951500573&schain=1.0%2C1!buysellads.com%2C13173%2C1%2C%2C%2C&aus=970x90%7C728x90&divids=bsa-zone_1622579763745-1_123456%2Cbsa-zone_1622579763745-1_123456&aucs=%2C&auid=541023048%2C541001000
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4d1dfa3972496d75f543d82e607d302adbb8b85a7d52e33524573680d84d3da3

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://whale-alert.io
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 30ms
7ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://whale-alert.io
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 tmp Show response
appspb.cointraffic.io/pb/ 0
450 B 85ms
41ms XHR
text/javascript 185.85.241.235
MASSIVEGRID

General

Check archive.org

Show headers Download Go to

Full URL: https://appspb.cointraffic.io/pb/tmp
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.85.241.235 Frankfurt am Main, Germany, ASN49683 (MASSIVEGRID, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:40 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://whale-alert.io
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

POST
H/1.1 200
OK request.php Show response
request.czilladx.com/serve/ 993 B
1 KB 52ms
10ms XHR
text/html 2a03:b0c0:3:e0::21f:7001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://request.czilladx.com/serve/request.php

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::21f:7001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

91b46207f71a9b239aefb50b4fff9367b8249ed4ee06c881c60b5c63bd8d2637

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:40 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://whale-alert.io
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Access-Control-Allow-Headers: *
Expires: Sun, 29 Jul 2012 00:00:00 GMT

POST
H/1.1 200
OK request.php Show response
request.czilladx.com/serve/ 998 B
1 KB 53ms
11ms XHR
text/html 2a03:b0c0:3:e0::21f:7001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://request.czilladx.com/serve/request.php

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::21f:7001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6fb39c598ec51d82b5b1d64e19bf137b6872062003d20d4fac1ea7cf6700c9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://whale-alert.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:40 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://whale-alert.io
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Access-Control-Allow-Headers: *
Expires: Sun, 29 Jul 2012 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 32ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 723562
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx6d6c7ff30e874a1a8d92f-0061961d6a
x-amz-id-2: tx6d6c7ff30e874a1a8d92f-0061961d6a
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDg4xJFZTm4ge35zZPf3UXeMmYHzmzybyOJ0KxJ%2FpiIo6KWCk4kAixf1qIIhD9h60enfqhCwphB1vHLZmN5B%2BBRlHsT8bcMjKJGm6k0sS%2F5nTIROeFzEvNCVVoBq6mI3OSzgTtK1Wj5w2gEt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1637227779984125
cf-ray: 6b4531eeedf74ed3-FRA
access-control-allow-headers: Authorization

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=whale-alert.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=whale-alert.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 325ms
310ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2057275324664713&correlator=3250695586524897&output=ldjh&impl=fifs&eid=31063812%2C31060033&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=8691100%2CWhaleAlert_S2S_Leaderboard_ROS_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1622579763745-1_123456%26optimize_inview%3Dfalse%26hb_size_coinzilla%3D728x90%26hb_pb_coinzilla%3D1.82%26hb_adid_coinzilla%3D36b751aa048629e%26hb_bidder_coinzilla%3Dcoinzilla%26hb_size%3D728x90%26hb_pb%3D1.82%26hb_creative%3D65618e7965aca48780%26hb_adid%3D36b751aa048629e%26hb_bidder%3Dcoinzilla%26_bd%3Dbid%26_pl%3D1.82&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dcrypto%26optimize_env%3Dprod%26optimize_pub%3Dwhalealert&cookie_enabled=1&bc=31&abxe=1&lmt=1637951501&dt=1637951501358&dlt=1637951499791&idt=372&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=90&adks=3137915326&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1110x10&msz=1110x10&ga_vid=1502665619.1637951500&ga_sid=1637951501&ga_hid=1440500373&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

462c44f493d117408b6a68398c33a3353b04a4ada233dc66105f1e338c75f7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8855
x-xss-protection: 0
google-lineitem-id: 5095292796
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288185773
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://whale-alert.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 43ms
20ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58cb1515f754311d78793c9a0a3a98b80a6abf78df5abd7568bce04ef543cdb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9097
x-xss-protection: 0

GET
H2 200 container.html Show response
6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AD15 6 KB
4 KB 50ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 18:31:41 GMT
expires: Sat, 26 Nov 2022 18:31:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 18:31:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 505E 12 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 13:15:29 GMT
expires: Sat, 26 Nov 2022 13:15:29 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6AD7 783 B
536 B 33ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63c48dcb1ec2d26f78de3b3c83e333ad530c2774a70ddaafa4bf3ecae3306a44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7DK40SU1vCKQOseRcZpPOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 18:31:41 GMT
date: Fri, 26 Nov 2021 18:31:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7DK40SU1vCKQOseRcZpPOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6AD7 0
0 69ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2057275324664713&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 505E 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 10:00:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2057275324664713&bg=!9Pel97PNAAZQLpa_UC47ACkAdvg8WiqiNl5UFXTqWFuP5VHJ9vtneDkHgHTxZpNDAiqvut4bIeeMjQIAAABUUgAAAAdoAQcKAQIqB9VbuzSjPdxMRDK-KvotpfvBryM1b-lb3EoknVI9_W7oZ3ON8fbxC1m06Z8lFEIZwJDqXPnJl7v24VEbMdOt1ooT9sV3O78Aj_woen7xAw5Xs4gVOEPxOp57j60ZUzrc9fsnucLCLIxSeSrtRSviU9uI37PnN_7SviHNVsJY64MHBhXnlrDFQHAQBEpgmsdqb-ZdeC9Oc1MtNAsDu1GYzlnCiCCbXENs4FmXW04sbYKFLWPxiEj6Srb67C1bB7BuA0F6oiNRG-1vb0P4_lcdChl9bwHxluIrtYbwBAmSED_dyzhmFR2MBmbgjFr0Pal_K8vzgHZzGjNDecck1lDHfH6ZAntgdl0BBI9PBJ_NgaGfxLiU97NvD4ZV5Oy3DRnwA-ovx3OryfbznDINgqDUnjQJOzc4dm-qKJmp0ndBamingguvkfICBmijMT3u6v0vInBz4bIoN8KtEVPvBEgCjfm5Qv7Rpggc9sa0h0SCSV2HvERxuwvVQAB0cDaZGLxCjn_mGO2C6B2wLNVtl-sa2M0ZUYE7buY_s9XLRZNihbSc8QgVYiDYxBdeKwMIAWLx3PvWtXjqIX1bmGlnrRnNFzQkeQ9sE00ki22AJnVwH41sqASHJnmWb28XqH3LJ2XnJTK5ap6AhYcNMAZU6ZKj24J0BhfvFAZKzw2CPAybnC1nJ4qsSJgyXS9cNz0PBsGwN7Bi-idnZTCqtI9xr5inhQj1fHqNMG6ZmRosCkghFzN7R_sFdFkLm_WvZVIkRKQU6mCtTa2mN-pCe5LY9TCg9psDMCGF6ITKt6ihs-UAGFIZK3FZt2KqnaA15HtAqWu6KH1xPQlAHHAgwTR_iN2IbsceBWqk7JMqlwsCLE8KxbIFhpz4kiUZOrGs69bI2A661i3cE0gnEsa6rzTFjqlXlFtsStlPA7NQeN1qqc-8aYYhmtL-k66qwYER5-j9xiLghSnb6RRLqc5SS72RRyE-ns22yJ2vFHS95UXsmfxg0lMx5TdnucQGEmmS5Vi-WBPhiDrbcSaSUHV-kPd4U_zy7ExbufS8K8Lau80FG_LkV9miRlqofknJ_9LikgGy3s0UXvSHI1t-AN-hnQGNCsTg8bXFlsTcn4s-hMYI6JBXdrZNioIDMzuUE-XnfEgYgtmVVtatAyzID8jtl3122MqE4xI4w-MD6El-FqmMlmNY_w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame E09A 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 23:11:28 GMT
expires: Wed, 23 Nov 2022 23:11:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 242413
cache-control: public, immutable, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E09A 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Nov 2022 15:16:00 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame E09A 26 KB
9 KB 57ms
44ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35028
x-jsd-version: 1.12.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19169-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-PM7TIXX2mG/XvjIIwb9PtOhKkw4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b4531f5d9c37028-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E09A 119 KB
36 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 18:31:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E09A 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1M_vVat_dCP4yxPZVID_ugdiy-e64txW5QG2JTf7nygdxCxxF99XXNRrCMf_eOX5yHnQtVkqRQ6O6_CN4KLbRCzxzKMFvzxYwc6rufVbp3okvfGZ5yxDikiYdhny-fOtSxeCJAusmunvNkuW5AzLyGwOEdRCAGENSeuNdBH10jvsj9HLTMkGAc6VOE80lXhYO6c6VHQzLGj_TRdLivPcQovsgzM2U-oxGRgHHOq4hsDFpRQ-A9eAReaVxe2xrqG_JRa0xRfNi3o3V8bAu3VrVtSQx63CDdLRSHt-0vGvN7JLoHNDNVDzpuDKZ-7oOm_jFptIzoU_T5_xIXQi2p7Q&sai=AMfl-YR5OWxiq92tthm3rcEWIh_5ARDOa5csIf3aoh9MoTawLMdJshayQjgOVd3FcqJWoMv9lPZMW-eiuzQgxzwusnsp7fiyoqtSAS6xVJPEHLdfjNMfztqG09hD7lLR-2E&sig=Cg0ArKJSzOcnnL_lq_hAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 18:31:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 26 Nov 2021 18:31:41 GMT

GET
DATA 200
OK truncated
/ Frame E09A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98fcd9ee3af0867cd411f37c41b0d3b6e052144eb1e67dfc9f427f08e67fe9e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E09A 0
0 56ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty5fEVz_SDzsagKeOgble8mXod63p6D65pfsYKzSmB09uWtbxilK1Fwf0T7V0P8ZpIz7jMBPkpWGunaSc6XteQpw6p_BIF3ZyfYWYpVmSA8gg5bEEs0Bq_w7G4nKAGSiL_m1H6PrJnDKIzy8v-_LPYmmOMPDIikavVIhtqpcNcBgRV-_HxYr3PvUkeqGXTZYhvaYkPy797O3CDT_fkxZ6ob0PGUmSxrk_mu9tNU9Z5NH9NzVpuYlGMQUmDDZTVcBCsvRvrST8ju4wTX8aVzm5xP8EVzWIz__1-fyDUwk7lgisHPiFPZBzKxBPW0HXIiV8XTwLOWCEuk7YmioERFHLUjw&sai=AMfl-YQt0q40mFRMp7xQoBH5o__sv-lXUWDJu6DJy_Od0v6vEz0fT6ZZp2L3dgZmwXthX2sdFhwGmwQqrtMj4tZwqGlNG9RJ7pqE1P--szwHepUY7oreYYPtYKptAgxSSmM&sig=Cg0ArKJSzCd6ieXB9C6LEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 18:31:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 26 Nov 2021 18:31:41 GMT

GET
H/1.1 200
OK view.php Show response
request-global.czilladx.com/serve/ Frame 6DDB 2 KB
2 KB 28ms
13ms Document
text/html 2a03:b0c0:3:e0::21f:7001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://request-global.czilladx.com/serve/view.php?w=728&h=90&z=66260d2e5f030511463&c=65618e7965aca48780&n=1c1ad0d8cbc2223ceb5a4c34c73401b16a7d69c08f054c474db090d5e60c0011&integrity=eyJrZXkiOiI4MmIzMzc1MTVjYWUwZDk5ZGZkMzZiYmQ5ZjYyZjcwMWM2YzFhNmRiNTllZTg1NDg0MDk0NDMwYzBhYWY4NTA0IiwidGltZXN0YW1wIjoxNjM3OTUxNTAwLjYyNDAzNCwiaWRlbnRpZmllciI6IjI2Mjk5NDA5ZDQwZTQwMTM3MzkyYjY1YmFjOTRiNDYwN2U3YTE0ODQzNjA1NTdmZjk0MzYyNjQ0NzYwOTg0YjEifQ

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::21f:7001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5ec19fb98fa52930df35dd8d3ef3a48c08a015f410c7feaa47669c073c30127c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/

Response headers

Server: nginx
Date: Fri, 26 Nov 2021 18:31:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jul 2012 00:00:00 GMT
Access-Control-Allow-Headers: *
Content-Encoding: br
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 information.png
cdn.coinzilla.com/defaults/ Frame 6DDB 3 KB
3 KB 50ms
15ms Image
image/png 2606:4700:3036::6815:58a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.coinzilla.com/defaults/information.png
Requested by: Host: request-global.czilladx.com
URL: https://request-global.czilladx.com/serve/view.php?w=728&h=90&z=66260d2e5f030511463&c=65618e7965aca48780&n=1c1ad0d8cbc2223ceb5a4c34c73401b16a7d69c08f054c474db090d5e60c0011&integrity=eyJrZXkiOiI4MmIzMzc1MTVjYWUwZDk5ZGZkMzZiYmQ5ZjYyZjcwMWM2YzFhNmRiNTllZTg1NDg0MDk0NDMwYzBhYWY4NTA0IiwidGltZXN0YW1wIjoxNjM3OTUxNTAwLjYyNDAzNCwiaWRlbnRpZmllciI6IjI2Mjk5NDA5ZDQwZTQwMTM3MzkyYjY1YmFjOTRiNDYwN2U3YTE0ODQzNjA1NTdmZjk0MzYyNjQ0NzYwOTg0YjEifQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:58a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9c0de5c305ce42dda086073a62d8f1c85d021c1fd04ace705c3648a5c4c3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://request-global.czilladx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:41 GMT
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 10:34:42 GMT
server: cloudflare
age: 1491773
etag: W/"a03-5a67686d823a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylYJWF3Bkztw57SLPgHM2vmrpkwBIZe1Dhj9gccbl7OawkOeVGK2qr%2B8J0Uq78PIEnwZtvJucZ%2FcWX0VhqJgW%2BpwrMN1C5u24fSNdmbNd1VOGa381LzCAPuOpmG1opgBlNdq1%2BBDX3ZIA1K0NfTsQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2419200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531f6e903695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 09 Nov 2022 12:08:48 GMT

GET
DATA 200
OK truncated Show response
/ Frame A0A0 157 B
157 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d72193807a7271aaa38e74178ec691a7e0ec21e0edc1433730aa6ed80fbd0b9

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: text/html

GET
H2 200 f691ee5753d553c910baac6edae022ce.gif
cdn.coinzilla.io/creative/ Frame A0A0 223 KB
224 KB 74ms
41ms Image
image/gif 2606:4700:3034::6815:1585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.coinzilla.io/creative/f691ee5753d553c910baac6edae022ce.gif
Requested by: Host: text
URL: data:text/html;base64,PGh0bWw+PGhlYWQ+PC9oZWFkPjxib2R5IHN0eWxlPSJtYXJnaW46MCI+PGltZyBzcmM9Imh0dHBzOi8vY2RuLmNvaW56aWxsYS5pby9jcmVhdGl2ZS9mNjkxZWU1NzUzZDU1M2M5MTBiYWFjNmVkYWUwMjJjZS5naWYiIHN0eWxlPSJ3aWR0aDoxMDAlIj48L2JvZHk+PC9odG1sPg==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 209437330621a90406fd5113e59cdfac3ce2118359d5af587439f7a1dff6264c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:41 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Nov 2021 14:54:17 GMT
server: cloudflare
age: 790435
etag: W/"37d03-5d0fd3758cb2c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtByK6yQAOLcLu1q%2BkEZzCV6TTLdDt5AxFJHwnw5ra2iSN57pjYvpIMw1STDtdNzaxUvHdNSCTylqwti7J4yA%2BoWwAjjGCIFDs%2BmbWIFqnRFayvkh%2Fe5FBDd38fdYFokQ9Bewg1Q5e8p2BY0Joh2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2419200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4531f6ff572b89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 17 Nov 2022 14:57:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E09A 42 B
64 B 54ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCT0HZ2JgBVh3BYVnigLpBoJMnwk5ZlwyAF3_hilnmYqSI54Hm7hKqJtQCLC25eGyFoorM_-SGtzEZy09noXmwtZrG7hN5Qy29dbnPIn6JP1M2qtC_&sig=Cg0ArKJSzG9H2xS95H2vEAE&id=lidar2&mcvt=1001&p=90,436,180,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3137915326&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637951501702&rpt=111&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 69ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Nov 2021 18:31:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3C49 11 KB
5 KB 62ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=whale-alert.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2164
date: Fri, 26 Nov 2021 18:31:42 GMT
content-length: 4683

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 68ms
33ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:43 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Nov 2021 18:31:43 GMT

GET

sid
mug.criteo.com/ Frame 3C49
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=whale-alert.io&sn=ChromeSyncframe&so=0&topUrl=whale-alert.io&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=kS1Qonw1OVVxeTNjNW56bkpJbTR3UDl1cEFzYWI5SUN1YXlJUmtlTVdwRGVBeW54bW5xeXR6Q1JTTU1HMHJadEpJT0prc3N4NU9lVldzYVcxT2lJSy9KcjgxVDg1UlJOU0xVTkZSNU5lell0RWFJVmJEdnhVYTdqQnhwd2...

0
0

POST
H2 200 iex
csm.nl.eu.criteo.net/ Frame 3C49 43 B
217 B 57ms
19ms Ping
image/gif 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.nl.eu.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError
Requested by: Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=whale-alert.io
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gum.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:42 GMT
server: Finatra
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6300 2 KB
814 B 8ms
7ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1637951500607

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame EF42 23 KB
8 KB 73ms
36ms Document
text/html 104.107.160.24

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C237%2C2025%2C117%2C97%2C99%2C55%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C9%2C2011%2C3022%2C3020%2C172%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C229%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.107.160.24 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7e0fbe4aa28ee155737d43aa87ff38ce5fc2bcafeac62ef599f8048cf587bd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 28 Nov 2021 18:31:44 GMT
date: Fri, 26 Nov 2021 18:31:44 GMT
content-length: 8213

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 9EB3 0
91 B 62ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame B3DE 8 KB
4 KB 173ms
9ms Document
text/html 2620:1ec:46::44

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Mon, 08 Nov 2021 19:40:02 GMT
accept-ranges: bytes
etag: "1484c6be7981ef2d93457ae1b8222f04"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: A12C9Qgn2+qPNNaQx002A0MotsDCPGN66GsP3+sJVOv65nQXOD2+Nprdyb3g4F+NUNyJylkuHE0=
x-amz-request-id: 9SQFC5XC5PYZVZEA
x-amz-meta-codebuild-content-sha256: 62eaff6ee8ff549c0050f611ee47c040b5383016dfbf921a2d194f6354569f2b
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:d8405d4a-5b5c-467c-aa1e-ad154dcb077c
x-amz-meta-codebuild-content-md5: 81217ffa8e68730be30130a20e0871d1
x-azure-ref-originshield: 0ugahYQAAAABmvmrLh84iQoAtQdlzliE7QU1TMDRFREdFMTgwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0ECihYQAAAABeISCCvvvZR6eaj92ISi0oRlJBRURHRTEwMTYAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Fri, 26 Nov 2021 18:31:44 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A362 14 KB
5 KB 68ms
16ms Document
text/html 184.87.212.214

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.212.214 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=20139
expires: Sat, 27 Nov 2021 00:07:23 GMT
date: Fri, 26 Nov 2021 18:31:44 GMT
vary: Accept-Encoding

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame F023 252 B
490 B 104ms
103ms Document
text/html 3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1637951500917&secure=true&version=9&uuid=bb1fdf3a-f1f8-4319-9266-9292e8387f33&title=Whale%20Alert%20%7C%20Transaction%20Details&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: 28040d5f7a7f730ef48ac111eea514ac039f550ebbb4519dcf5194d36bdbbc9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: text/html; charset=utf-8
content-length: 252
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"fc-+cZ+Y5Yx7AuoPbO10sBRmQbT0kQ"

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7B15 281 B
554 B 48ms
9ms Document
text/html 104.92.74.8

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Nov 2021 18:31:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2B28 52 KB
17 KB 75ms
16ms Document
text/html 184.87.212.200

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/whalealert.js?1637951400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.212.200 -, , ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 27 Nov 2021 18:31:46 GMT
Date: Fri, 26 Nov 2021 18:31:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 8ms
7ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://whale-alert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B15 32 KB
10 KB 7ms
7ms Script
text/html 104.92.74.8

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52804
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Sat, 27 Nov 2021 09:11:48 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A362 2 KB
3 KB 57ms
12ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74911904&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23e3528fb3eb992c093044c1374ff77cfb2674d10fed5163f5caacb6172f8058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 2B28
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

14ms
14ms

Script
text/html

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a91f385e-346e-4d89-ade0-822725bda4a6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 765600d8-a04e-426d-96e6-3fbc26459b60
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame F023 2 KB
1 KB 43ms
16ms Script
application/javascript 104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=60b691c009d655000f837a57&s=whale-alert.io
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1637951500917&secure=true&version=9&uuid=bb1fdf3a-f1f8-4319-9266-9292e8387f33&title=Whale%20Alert%20%7C%20Transaction%20Details&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 18:20:49 GMT
server: cloudflare
age: 571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6b4532084bbe5b44-FRA
content-length: 1168
expires: Fri, 26 Nov 2021 20:31:44 GMT

GET

query
ecs.mantisadnetwork.com/sync/pixel/ Frame F023
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=e678254f-db57-4cd4-a885-4526ad761d9a

0
0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 25F3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA

35 B
468 B

20ms
18ms

Document
image/gif

37.157.2.236

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Fri, 26 Nov 2021 18:31:44 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8562F436-5339-4616-9A36-92C6111BD0CA
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1A24
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3161441608773694398

42 B
210 B

26ms
26ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3161441608773694398
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug021:0:544
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3161441608773694398
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET usersync.aspx
dis.criteo.com/dis/ Frame 47CD 0
0

GET pixel
cm.g.doubleclick.net/ Frame A362 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1d0961a1-2810-4400-9c6a-b2eb893187d4

0
260 B

67ms
12ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1d0961a1-2810-4400-9c6a-b2eb893187d4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1d0961a1-2810-4400-9c6a-b2eb893187d4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 Nov 2021 18:31:43 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame A362
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=8562F436-5339-4616-9A36-92C6111BD0CA
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=75294fa7fc1a268e4e2986069164d158

35 B
248 B

15ms
15ms

Image
image/gif

51.210.112.236

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=75294fa7fc1a268e4e2986069164d158
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: HTTP/1.1
Server: 51.210.112.236 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 26 Nov 2021 18:31:44 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=75294fa7fc1a268e4e2986069164d158
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU2MkY0MzYtNTMzOS00NjE2LTlBMzYtOTJDNjExMUJEMENB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

28ms
26ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:633
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP5REFM7GwJ-61wpirkEIb0&google_cver=1

42 B
282 B

27ms
26ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP5REFM7GwJ-61wpirkEIb0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:390
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP5REFM7GwJ-61wpirkEIb0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A362 43 B
618 B 67ms
14ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 25 Nov 2021 18:31:44 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a6661a1-2810-4600-9aca-2903c9da9f10&gdpr=0&gdpr_consent=

42 B
338 B

27ms
25ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a6661a1-2810-4600-9aca-2903c9da9f10&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:476
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a6661a1-2810-4600-9aca-2903c9da9f10&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 Nov 2021 18:31:43 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3193111019009802907

42 B
232 B

29ms
26ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3193111019009802907
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:468
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3193111019009802907
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e678254f-db57-4cd4-a885-4526ad761d9a

42 B
295 B

25ms
25ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e678254f-db57-4cd4-a885-4526ad761d9a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:391
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e678254f-db57-4cd4-a885-4526ad761d9a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8522732346245329597&gdpr=0&gdpr_consent=

42 B
520 B

107ms
26ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8522732346245329597&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:410
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e8a56615-92b2-4646-a907-c4c1a1e7f07b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8522732346245329597&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A362
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zFwXWshVR1vXDkRbyVxbD8wIR1LXWBJYyVQ3ILHS

42 B
320 B

28ms
26ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zFwXWshVR1vXDkRbyVxbD8wIR1LXWBJYyVQ3ILHS
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:1088
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zFwXWshVR1vXDkRbyVxbD8wIR1LXWBJYyVQ3ILHS
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame F023 31 KB
24 KB 19ms
18ms Script
application/javascript 104.16.200.58

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1637951504702&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=di1v9mjh43y1&cid=1041
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=60b691c009d655000f837a57&s=whale-alert.io
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 18:20:49 GMT
server: cloudflare
age: 571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6b4532086c2d5b44-FRA
content-length: 24217
expires: Fri, 26 Nov 2021 20:31:44 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7B15
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHUTE2WFUtMVEtMkRJVA==

170 B
243 B

45ms
45ms

Image
image/png

216.58.212.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHUTE2WFUtMVEtMkRJVA==

Protocol

Server

216.58.212.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dHUTE2WFUtMVEtMkRJVA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B15
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2e9561a1-2810-4100-8775-8f6b4c1dcad4

0
239 B

30ms
7ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2e9561a1-2810-4100-8775-8f6b4c1dcad4
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=2e9561a1-2810-4100-8775-8f6b4c1dcad4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 26 Nov 2021 18:31:43 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B15
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YaEoEAAHf1YSUwBR
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaEoEAAHf1YSUwBR&_test=YaEoEAAHf1YSUwBR

0
239 B

9ms
8ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaEoEAAHf1YSUwBR&_test=YaEoEAAHf1YSUwBR
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637951505.869054,VS0,VE0
x-served-by: cache-fra19147-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaEoEAAHf1YSUwBR&_test=YaEoEAAHf1YSUwBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET token
token.rubiconproject.com/ Frame 7B15 0
0

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 7B15 0
0 38ms
14ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7B15 70 B
265 B 69ms
33ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKYvm7V-1EG1vjyp2cvawnA&google_cver=1

0
239 B

32ms
9ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKYvm7V-1EG1vjyp2cvawnA&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 18:31:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKYvm7V-1EG1vjyp2cvawnA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET token
token.rubiconproject.com/ Frame 7B15 0
0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame EF1A 4 KB
2 KB 107ms
33ms Document
text/html 34.254.122.11

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.122.11 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 57e867f3b205beefa8fbf317eed9112c28a7a69b67225e8db0276ad88c7de067

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"0e9e58bfcd0da4263c0cc523d23d3b41a"
timing-allow-origin: *
content-encoding: gzip

GET ps
pixel.33across.com/ Frame 3E04 0
0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8CAA 2 KB
814 B 8ms
8ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 7EE5 760 B
1010 B 98ms
16ms Document
text/html 185.86.139.104

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ee78657636cb8b371dd64adddf3987eeee86c98663e0602711599d0b5da01b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: text/html
content-length: 760

GET usermatch
ssum-sec.casalemedia.com/ Frame 256B 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame B3DE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=8522732346245329597

0
344 B

32ms
31ms

Image
image/avif

52.48.128.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=8522732346245329597
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.128.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-128-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 99f75b47-ca0b-4e5a-84f9-7636612bfb54
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=8522732346245329597
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame B3DE
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

0
433 B

24ms
23ms

Image
text/plain

216.52.2.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 216.52.2.48 -, , ASN (),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET

RX-8483c52c-921c-4215-99aa-86266ed147e1-003
sync.targeting.unrulymedia.com/csync/ Frame B3DE
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8275620499
https://sync.1rx.io/usersync/tradedesk/e678254f-db57-4cd4-a885-4526ad761d9a
https://sync.targeting.unrulymedia.com/csync/RX-8483c52c-921c-4215-99aa-86266ed147e1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-8483c52c-921c-4215-99aa-86266ed147e1-003

0
0

GET 101954
jadserve.postrelease.com/suid/ Frame B3DE 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame B3DE
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5107433821850461864

0
344 B

31ms
31ms

Image
image/avif

52.48.128.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5107433821850461864
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.128.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-128-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5107433821850461864
Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame B3DE 0
474 B 68ms
12ms Image
text/plain 178.162.133.149

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 18:31:44 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET 0
prebid.a-mo.net/cchain/ Frame B3DE 0
0

GET sync
t.adx.opera.com/pub/ Frame B3DE 0
0

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame F023 26 B
304 B 50ms
18ms Image
image/gif 2606:4700::6810:4036

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1637951504781&rnd=di1v9mjh43y1&ifm=1&uai=1&cid=1041&s=whale-alert.io&p=60b691c009d655000f837a57&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1637951500917&secure=true&version=9&uuid=bb1fdf3a-f1f8-4319-9266-9292e8387f33&title=Whale%20Alert%20%7C%20Transaction%20Details&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 00:53:19 GMT
server: cloudflare
age: 1921
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6b4532095eed5c92-FRA
content-length: 26
expires: Fri, 26 Nov 2021 20:31:44 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame F023 26 B
88 B 68ms
36ms Image
image/gif 2606:4700::6810:4036

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1637951504767709&ver=1.2r81&qid=83233313f553333313f513430313&p=60b691c009d655000f837a57&s=whale-alert.io&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=di1v9mjh43y1&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=df779414ccee2cd444b5ce84d51edce9&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=27&icp=https%253A//whale-alert.io/&irfl=27&irf=https%253A//whale-alert.io/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-24-s-fl-14-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=22
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1637951500917&secure=true&version=9&uuid=bb1fdf3a-f1f8-4319-9266-9292e8387f33&title=Whale%20Alert%20%7C%20Transaction%20Details&url=https%3A%2F%2Fwhale-alert.io%2Ftransaction%2Ftron%2Fc047cc7806c44ea0b20ccedabdc127cf875eddc0119237c39cec99fb0a820142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 00:53:19 GMT
server: cloudflare
age: 2719
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6b4532095ef15c92-FRA
content-length: 26
expires: Fri, 26 Nov 2021 20:31:44 GMT

GET sync
ads.servenobid.com/ Frame 7EE5 0
0

GET sas
match.prod.bidr.io/cookie-sync/ Frame 7EE5 0
0

GET smart
sync.adotmob.com/cookie/ Frame 7EE5 0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 7EE5
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=88acdaad-00be-4ecb-92d2-25710727ca6b&gdpr_consent=null&gdpr=0

0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 7EE5
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8522732346245329597&gdpr=0&gdpr_consent=

0
0

GET

usersync
rtb.gumgum.com/ Frame EF1A
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=8522732346245329597

0
0

GET sync
x.bidswitch.net/ Frame EF1A 0
0

GET sync
sync.srv.stackadapt.com/ Frame EF1A 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame EF1A 0
0

GET

sync
x.bidswitch.net/ Frame EF1A
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8483c52c-921c-4215-99aa-86266ed147e1-003&rndcb=371885205

0
0

GET rtset
bh.contextweb.com/bh/ Frame EF1A 0
0

GET redirectObuid
sync.outbrain.com/ Frame EF1A 0
0

GET

usersync
rtb.gumgum.com/ Frame EF1A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=db9026cd-bfb4-4c2c-9861-5139117205a5

0
0

GET gumgum
pr-bh.ybp.yahoo.com/sync/ Frame EF1A 0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame EF1A 0
0

GET services
sync.technoratimedia.com/ Frame EF1A 0
0

GET 142
match.deepintent.com/usersync/ Frame EF1A 0
0

GET server_match
ad.360yield.com/ Frame EF1A 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame EF1A 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame EF1A 0
358 B 32ms
30ms Image
image/avif 52.48.128.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_f9e39c9e-ff79-44e8-9ed3-1e882d9a37df
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.128.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-128-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D5FB 14 KB
5 KB 16ms
14ms Document
text/html 184.87.212.214

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.212.214 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=20139
expires: Sat, 27 Nov 2021 00:07:23 GMT
date: Fri, 26 Nov 2021 18:31:44 GMT
vary: Accept-Encoding

GET
H2

200

usersync
rtb.gumgum.com/ Frame 64C1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=e678254f-db57-4cd4-a885-4526ad761d9a&t=1640543504

0
0

38ms
38ms

Document
image/gif

34.254.122.11

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=e678254f-db57-4cd4-a885-4526ad761d9a&t=1640543504
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.122.11 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=e678254f-db57-4cd4-a885-4526ad761d9a&t=1640543504
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3B56
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

7ms
6ms

Document
text/html

104.92.74.8

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Nov 2021 18:31:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Fri, 26 Nov 2021 18:31:44 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5B35
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=2e9561a1-2810-4100-8775-8f6b4c1dcad4&gdpr=0&gdpr_consent=

0
0

39ms
37ms

Document
image/gif

34.254.122.11

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=2e9561a1-2810-4100-8775-8f6b4c1dcad4&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.122.11 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=2e9561a1-2810-4100-8775-8f6b4c1dcad4&gdpr=0&gdpr_consent=
Expires: Fri, 26 Nov 2021 18:31:43 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame E94E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=atm&i=YaEoEAAHf1YSUwBR&gdpr=0&gdpr_consent=

35 B
0

47ms
39ms

Document
image/gif

34.254.122.11

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YaEoEAAHf1YSUwBR&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.122.11 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YaEoEAAHf1YSUwBR&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Fri, 26 Nov 2021 18:31:44 GMT
via: 1.1 varnish
x-served-by: cache-fra19147-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637951505.876962,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 277B 170 B
0 60ms
46ms Document
image/png 216.58.212.130

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mOWUzOWM5ZS1mZjc5LTQ0ZTgtOWVkMy0xZTg4MmQ5YTM3ZGY=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Fri, 26 Nov 2021 18:31:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET /
ssc-cms.33across.com/ps/ Frame 89D1 0
0

GET um
cs.emxdgt.com/ Frame 60D3 0
0

GET idsync
tg.socdm.com/aux/ Frame 957D 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 143C
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=5107433821850461864

0
0

39ms
39ms

Document
image/gif

34.254.122.11

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=5107433821850461864
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.122.11 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 26 Nov 2021 18:31:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://rtb.gumgum.com/usersync?b=zet&i=5107433821850461864
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET

usersync
rtb.gumgum.com/ Frame F389
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=sth62qwlunzaANIGwQCR&pi=gumgum&tc=1

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3B56 32 KB
10 KB 6ms
6ms Script
text/html 104.92.74.8

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 18:31:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52804
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Sat, 27 Nov 2021 09:11:48 GMT

GET sync.php
pixel.rubiconproject.com/exchange/ Frame 3B56 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=kS1Qonw1OVVxeTNjNW56bkpJbTR3UDl1cEFzYWI5SUN1YXlJUmtlTVdwRGVBeW54bW5xeXR6Q1JTTU1HMHJadEpJT0prc3N4NU9lVldzYVcxT2lJSy9KcjgxVDg1UlJOU0xVTkZSNU5lell0RWFJVmJEdnhVYTdqQnhwd2lFY1UzTlhFdWdIZDZsNG9Kb1ZKa1ZHeUdxOFZlb2VLVDBkSFFFSTdqYllwWjQ5YkVrVjhUbkFMdW5ILzRWc25lUWxLWE1qVjNQcE1TZHRZNS9PcVZsMTVyYnVGSUZEaGVzODZ1dCs0QUlJcGYyQWZPeGg3N2JuZVArSURBRHNxSkRreFZENHJrK1dQRUNnVTA0RVBPTEd3YXBFQkU1QT09fA&cppv=2

Domain: ecs.mantisadnetwork.com
URL: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=e678254f-db57-4cd4-a885-4526ad761d9a

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hWL0NlM5RhaaNpLGERvQyg%3D%3D

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2249&pt=n

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=26594

Domain: pixel.33across.com
URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-8483c52c-921c-4215-99aa-86266ed147e1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-8483c52c-921c-4215-99aa-86266ed147e1-003

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D

Domain: t.adx.opera.com
URL: https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=317&uid=8974557576562325334&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=88acdaad-00be-4ecb-92d2-25710727ca6b&gdpr_consent=null&gdpr=0

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=8522732346245329597&gdpr=0&gdpr_consent=

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=apn&i=8522732346245329597

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f9e39c9e-ff79-44e8-9ed3-1e882d9a37df&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f9e39c9e-ff79-44e8-9ed3-1e882d9a37df&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8483c52c-921c-4215-99aa-86266ed147e1-003&rndcb=371885205

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=opx&i=db9026cd-bfb4-4c2c-9861-5139117205a5

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142

Domain: ad.360yield.com
URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=15

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=rth&i=sth62qwlunzaANIGwQCR&pi=gumgum&tc=1

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
whale-alert.io/transaction/tron	1970-01-19 22:59:54	Name: _csrf Value: MTYzNzk1MTQ5OXxJalZEUlRWQk5WVnJiWHA0Ym5Gb1JqTkdSQzlYTjBWb1ZrWnNkVlp4VUhGelowTmlkRUZ5V1dkV1FsRTlJZ289fFamv2mHmPnWp_cEDjicgMrTj3IAD_-qzeez_q7QNmAr
.whale-alert.io/	1970-01-20 16:30:23	Name: _ga Value: GA1.2.1502665619.1637951500
.whale-alert.io/	1970-01-19 23:00:37	Name: _gid Value: GA1.2.1189557077.1637951500
.whale-alert.io/	1970-01-19 22:59:11	Name: _gat_gtag_UA_134300763_1 Value: 1
.rubiconproject.com/	1970-01-20 07:44:47	Name: khaos Value: KWGQ16XU-1Q-2DIT
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 07:44:47	Name: audit Value: 1\|bkkeSz5hU3xda53BVwGPteMH05QULE/jV/G9Z/GRzTxqjK1sECNPHwzjX03tnDwa6osQkVezNdRiMukdh0tHn4n0kEOGVL/NTCnSCuDd+RA=
.whale-alert.io/	1970-01-20 08:20:47	Name: __gads Value: ID=24a09819753f94d3-22d80c30fbcb003b:T=1637951501:S=ALNI_MZj5u_qxXh8NtaTBaE6WORi89TFUg
.doubleclick.net/	1970-01-20 08:20:47	Name: IDE Value: AHWqTUn_o1LzCW9ieWGkwYwjB8r--c8ns6Iq7LH3eFKUmJX2kDimewLJND31uD2OTpI
.coinzilla.io/	1970-01-19 22:59:13	Name: __cf_bm Value: yA2DGGlfRVMkJIdbH0pQ4Xg6bRNRrFF6RvX0OjkogRs-1637951501-0-Ab5bQtaVySHMtZcGaUVk7i86ycfnyWLvMS7sPdwBb9nlCWIzzHxjFM3k75RUyuVOsjQgWhEAi7IeYGD53pHyL+o=
.criteo.com/	1970-01-20 08:20:47	Name: uid Value: 9f71e554-6dd4-4cf6-a2ae-eeab7c0f1b86

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=whale-alert.io#{%22optout%22:{%22value%22:false,%22origin%22:0},%22uid%22:{%22origin%22:0},%22sid%22:{%22origin%22:0},%22origin%22:%22publishertag%22,%22version%22:116,%22lwid%22:{%22origin%22:0},%22tld%22:%22whale-alert.io%22,%22bundle%22:{%22origin%22:0},%22topUrl%22:%22whale-alert.io%22,%22cw%22:true,%22ifa%22:{%22origin%22:0},%22lsw%22:true} Message: Access to fetch at 'https://mug.criteo.com/sid?cpp=kS1Qonw1OVVxeTNjNW56bkpJbTR3UDl1cEFzYWI5SUN1YXlJUmtlTVdwRGVBeW54bW5xeXR6Q1JTTU1HMHJadEpJT0prc3N4NU9lVldzYVcxT2lJSy9KcjgxVDg1UlJOU0xVTkZSNU5lell0RWFJVmJEdnhVYTdqQnhwd2lFY1UzTlhFdWdIZDZsNG9Kb1ZKa1ZHeUdxOFZlb2VLVDBkSFFFSTdqYllwWjQ5YkVrVjhUbkFMdW5ILzRWc25lUWxLWE1qVjNQcE1TZHRZNS9PcVZsMTVyYnVGSUZEaGVzODZ1dCs0QUlJcGYyQWZPeGg3N2JuZVArSURBRHNxSkRreFZENHJrK1dQRUNnVTA0RVBPTEd3YXBFQkU1QT09fA&cppv=2' (redirected from 'https://gum.criteo.com/sid/json?origin=publishertag&domain=whale-alert.io&sn=ChromeSyncframe&so=0&topUrl=whale-alert.io&cw=1&lsw=1') from origin 'https://gum.criteo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mug.criteo.com/sid?cpp=kS1Qonw1OVVxeTNjNW56bkpJbTR3UDl1cEFzYWI5SUN1YXlJUmtlTVdwRGVBeW54bW5xeXR6Q1JTTU1HMHJadEpJT0prc3N4NU9lVldzYVcxT2lJSy9KcjgxVDg1UlJOU0xVTkZSNU5lell0RWFJVmJEdnhVYTdqQnhwd2lFY1UzTlhFdWdIZDZsNG9Kb1ZKa1ZHeUdxOFZlb2VLVDBkSFFFSTdqYllwWjQ5YkVrVjhUbkFMdW5ILzRWc25lUWxLWE1qVjNQcE1TZHRZNS9PcVZsMTVyYnVGSUZEaGVzODZ1dCs0QUlJcGYyQWZPeGg3N2JuZVArSURBRHNxSkRreFZENHJrK1dQRUNnVTA0RVBPTEd3YXBFQkU1QT09fA&cppv=2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ac1efb95f5b7b6d3709b8d390a7c6e0.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
appspb.cointraffic.io
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
buysellads-d.openx.net
c1.adform.net
c2shb.ssp.yahoo.com
cdn.coinzilla.com
cdn.coinzilla.io
cdn.jsdelivr.net
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
cs.emxdgt.com
csm.nl.eu.criteo.net
d5p.de17a.com
dis.criteo.com
ecs.mantisadnetwork.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
loada.exelator.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.33across.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
request-global.czilladx.com
request.czilladx.com
rtb-csync.smartadserver.com
rtb.gumgum.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
whale-alert.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.360yield.com
ads.servenobid.com
b1sync.zemanta.com
bh.contextweb.com
cm.g.doubleclick.net
cs.emxdgt.com
dis.criteo.com
ecs.mantisadnetwork.com
jadserve.postrelease.com
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
pixel.33across.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
rtb-csync.smartadserver.com
rtb.gumgum.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync.adotmob.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
x.bidswitch.net
104.107.160.24
104.16.200.58
104.92.74.8
142.250.186.98
15.197.193.217
151.101.2.49
169.50.137.182
178.162.133.149
178.250.2.131
178.250.2.150
18.156.195.47
184.87.212.200
184.87.212.214
185.255.84.151
185.29.132.245
185.33.220.100
185.64.189.112
185.64.190.80
185.85.241.235
185.86.139.104
193.0.160.129
198.47.127.19
198.47.127.20
213.155.156.167
216.52.2.48
216.58.212.130
2602:803:c001::200:194
2606:4700:20::681a:8a9
2606:4700:3031::6815:1c31
2606:4700:3034::6815:1585
2606:4700:3036::6815:58a5
2606:4700::6810:4036
2606:4700::6810:5614
2606:4700::6812:372
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:46::44
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a02:2638:1::13
2a02:2638:1::3
2a03:b0c0:3:e0::21f:7001
3.214.91.80
34.107.148.139
34.254.122.11
34.254.143.3
35.244.159.8
35.244.174.68
37.157.2.236
51.210.112.236
51.75.86.98
52.48.128.83
69.173.144.138
69.173.144.165
94.31.29.32
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
209437330621a90406fd5113e59cdfac3ce2118359d5af587439f7a1dff6264c
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
225f753afe06602fc824f6da0aba95053834fea6ac8364f1f2f9fc0f7fad81f3
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23e3528fb3eb992c093044c1374ff77cfb2674d10fed5163f5caacb6172f8058
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2726adbe7a277ed43ba5153855413c0e00db1794048e387414a10297687abe23
27bb1ef6f09ce6311d24b212611b39ff5dd05f8207e37594dcb81ae369cf6dbc
28040d5f7a7f730ef48ac111eea514ac039f550ebbb4519dcf5194d36bdbbc9f
2a437c58996fc46b3ad5eceb9805abd71146085881f49461f4575005bbc665f6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee
2ee78657636cb8b371dd64adddf3987eeee86c98663e0602711599d0b5da01b0
31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3a8e53d970d7799a69e359506fc74473c49d529900e1a49b79c4cd398f035525
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
462c44f493d117408b6a68398c33a3353b04a4ada233dc66105f1e338c75f7ff
4c13bdd98dffa488ef0d7e254df4352439599455a5c6657c35f5055b38d71a7d
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4d1dfa3972496d75f543d82e607d302adbb8b85a7d52e33524573680d84d3da3
4d72193807a7271aaa38e74178ec691a7e0ec21e0edc1433730aa6ed80fbd0b9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50a6a95bd77c095e5a26eed72a77c518a4c3ec57b204c607ba90ddf7a980dc38
54d9a7741bed5ecb030209b1e91325cf72745cbee9a7ff5660c2338b76223a45
57e867f3b205beefa8fbf317eed9112c28a7a69b67225e8db0276ad88c7de067
58cb1515f754311d78793c9a0a3a98b80a6abf78df5abd7568bce04ef543cdb1
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5d9c0de5c305ce42dda086073a62d8f1c85d021c1fd04ace705c3648a5c4c3db
5ec19fb98fa52930df35dd8d3ef3a48c08a015f410c7feaa47669c073c30127c
63c48dcb1ec2d26f78de3b3c83e333ad530c2774a70ddaafa4bf3ecae3306a44
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c43da5147026d0a2716f732f167178d3324f4af43eac304497db3d460bf083e
6fb39c598ec51d82b5b1d64e19bf137b6872062003d20d4fac1ea7cf6700c9ba
7acfb5df0761a486ebe1d7fd1bab75bfe774a8cde450cce79bef532a7b7f7107
7b463df7f17816e35d2241f72f1001c67609c8370dd3e71fd44edce897583c7e
7e0fbe4aa28ee155737d43aa87ff38ce5fc2bcafeac62ef599f8048cf587bd5d
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91b46207f71a9b239aefb50b4fff9367b8249ed4ee06c881c60b5c63bd8d2637
9250dc80e8486ed058dd85d5ebe4066864d2c3ea540324e87bb9a98f6e8ff144
937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
98fcd9ee3af0867cd411f37c41b0d3b6e052144eb1e67dfc9f427f08e67fe9e5
99f08991312c7e32c8dcfdae86d5263b23ee62b36f54a64a7610c77ae9ce78d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8aece42ead81eb36b4f6e28889a9cf4c960e2a412f7c6104ad3c2a557e2bbf0
ad24c4de5e15be359074acb9a4d7ab3888c11251b1069a8a81cf062fa103b03d
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c29798f8236ee8aa6c66e2536478ad29030a0c4136d8ade00aeacc147bf03064
c2c9818890567b586ead2bd2a6616d4f8317102b5838875a9f6f7f687fdabc38
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c439d8c0ade482d5852178b0acce3a83d4fab25d1cfccc3b41dadce698d36989
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf3705044fa855412ab95c073eaf7a6644a410f1b379f75e0262dda7b44806ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c999102bbba0caf9ffcaeb8c8a789e982062aaf313ab9b30aec58d332281a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eeab895c115190a3d5a005162fed96efdc7fe3fc494a1b0af4841a1e94aa0669
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9d8bd2b393d4e39012752384ae91b4676a41f5e4152f43fbf0ba2c2c5393fac
faf96279daab880f59aee01a4ad999db2ca6eca9fb1c9d2c15ef07a93e216f48
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67

whale-alert.io Open in urlscan Pro 2606:4700:3031::6815:1c31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

162 Requests

67 %HTTPS

39 %IPv6

65 Domains

94 Subdomains

59 IPs

6 Countries

1821 kBTransfer

4437 kBSize

11 Cookies

4 Outgoing links

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

whale-alert.io Open in urlscan Pro
2606:4700:3031::6815:1c31 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

67 %
HTTPS

39 %
IPv6

65
Domains

94
Subdomains

59
IPs

6
Countries

1821 kB
Transfer

4437 kB
Size

11
Cookies

162 HTTP transactions
3 data transactions