urlscan.io logo urlscan.io
SecurityTrails logo

my.evilmilk.com Open in urlscan Pro
2606:4700:3038::6815:eb68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.evilmilk.com/
Effective URL: https://my.evilmilk.com/
Submission: On January 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 12 countries across 104 domains to perform 355 HTTP transactions. The main IP is 2606:4700:3038::6815:eb68, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.evilmilk.com.
TLS certificate: Issued by E1 on December 4th 2023. Valid for: 3 months.
This is the only time my.evilmilk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 71 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
6 161.35.253.218 14061 (DIGITALOC...)
1 68.71.249.118 46562 (PERFORMIVE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 199.232.196.134 54113 (FASTLY)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 3.124.134.82 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
6 2600:9000:214... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.32.22.213 16509 (AMAZON-02)
4 2a02:2638:3::c 44788 (ASN-CRITE...)
4 141.95.98.64 16276 (OVH)
8 15.197.193.217 16509 (AMAZON-02)
9 14 185.89.211.84 29990 (ASN-APPNEX)
1 99.86.4.128 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 162.19.138.82 16276 (OVH)
1 18.245.47.29 16509 (AMAZON-02)
1 18.159.88.14 16509 (AMAZON-02)
5 137.184.242.150 14061 (DIGITALOC...)
1 2a0c:5c87:524... 55081 (24SHELLS)
4 52.210.29.170 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 14 193.3.178.4 399668 (E-PLANNING-)
1 65.9.66.74 16509 (AMAZON-02)
2 8.2.110.26 46636 (NATCOWEB)
2 193.3.178.2 399668 (E-PLANNING-)
3 3 23.21.0.242 14618 (AMAZON-AES)
3 52.58.3.175 16509 (AMAZON-02)
2 2607:f350:3:2... 27630 (AS-XFERNET)
2 35.227.252.103 396982 (GOOGLE-CL...)
2 2 52.72.177.11 14618 (AMAZON-AES)
5 13 18.193.91.20 16509 (AMAZON-02)
6 6 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
6 23.32.184.192 16625 (AKAMAI-AS)
2 17 172.64.151.101 13335 (CLOUDFLAR...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.112.48 16509 (AMAZON-02)
1 143.204.98.87 16509 (AMAZON-02)
2 13.32.27.123 16509 (AMAZON-02)
4 46.228.174.115 56396 (AMOBEE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 185.184.8.90 204995 (RTB-HOUSE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
8 104.22.68.131 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 145.40.97.66 54825 (PACKET)
1 5 51.89.9.254 16276 (OVH)
3 162.210.196.208 30633 (LEASEWEB-...)
5 9 142.250.186.98 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
3 4 37.157.3.20 198622 (ADFORM)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
3 198.47.127.19 3257 (GTT-BACKB...)
2 2 34.251.251.86 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.81 24961 (MYLOC-AS ...)
1 1 34.252.210.232 16509 (AMAZON-02)
2 3 3.71.149.231 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 54.246.208.24 16509 (AMAZON-02)
1 157.90.211.246 24940 (HETZNER-AS)
1 1 44.209.190.13 14618 (AMAZON-AES)
1 2 52.95.115.196 16509 (AMAZON-02)
1 3 72.246.169.24 16625 (AKAMAI-AS)
2 2 52.210.40.9 16509 (AMAZON-02)
2 69.173.144.165 26667 (RUBICONPR...)
2 2 2620:116:800d... 16509 (AMAZON-02)
2 65.9.66.68 16509 (AMAZON-02)
5 5 52.1.112.24 14618 (AMAZON-AES)
2 2 13.32.121.105 16509 (AMAZON-02)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 35.244.174.68 396982 (GOOGLE-CL...)
3 3 50.31.142.255 23352 (SERVERCEN...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
15 52.210.15.1 16509 (AMAZON-02)
2 2 35.210.239.72 15169 (GOOGLE)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
2 2 54.210.237.164 14618 (AMAZON-AES)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.2.229.240 14618 (AMAZON-AES)
2 38.91.45.7 398989 (DEEPINTENT)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
2 217.182.178.229 16276 (OVH)
2 2 124.146.153.162 2514 (INFOSPHER...)
2 2 23.56.202.187 16625 (AKAMAI-AS)
4 95.101.149.233 16625 (AKAMAI-AS)
2 69.173.144.139 26667 (RUBICONPR...)
2 2 37.157.6.237 198622 (ADFORM)
3 185.83.71.234 55081 (24SHELLS)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 67.202.105.24 32748 (STEADFAST)
1 2 52.46.155.104 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 18.197.162.124 16509 (AMAZON-02)
2 2 3.120.236.239 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 216.52.2.86 30282 (AS-INAPCD...)
2 2 96.46.186.59 ()
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2600:9000:211... 16509 (AMAZON-02)
4 77.245.57.72 36057 (WEBAIR-IN...)
3 8 76.223.111.18 16509 (AMAZON-02)
1 3.224.6.94 ()
1 2 91.134.110.136 16276 (OVH)
1 1 2001:678:cb4:... ()
2 178.250.1.9 44788 (ASN-CRITE...)
1 52.50.95.115 16509 (AMAZON-02)
1 2607:ae80:4::26 26558 (FREEWHEEL)
1 1 34.160.19.107 15169 (GOOGLE)
1 1 45.137.176.88 60350 (VP)
1 2620:1ec:21::14 ()
1 34.252.157.161 ()
1 1 8.2.110.33 ()
1 131.153.158.209 ()
2 75.2.13.80 ()
355 102
71    2606:4700:3038::6815:eb68 (United States)

ASN13335 (CLOUDFLARENET, US)
my.evilmilk.com
www.evilmilk.com
8    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:10::6816:3ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
7    2606:4700:20::681a:492 (United States)

ASN13335 (CLOUDFLARENET, US)
services.bilsyndication.com
s3.bilsyndication.com
6    161.35.253.218 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
1    68.71.249.118 (Toronto, Canada)

ASN46562 (PERFORMIVE, US)
udmserve.net
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
evilmilk.disqus.com
10    2606:4700:20::681a:744 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    3.124.134.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-134-82.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2600:9000:214f:be00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    13.32.22.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-213.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
8    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
14    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
3    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    18.159.88.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-88-14.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
5    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
1    2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
4    52.210.29.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
14    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
sync.e-planning.net
1    65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-74.fra56.r.cloudfront.net
get.s-onetag.com
2    8.2.110.26 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
3    23.21.0.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-0-242.compute-1.amazonaws.com
ssp.disqus.com
3    52.58.3.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    52.72.177.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-177-11.compute-1.amazonaws.com
cookies.nextmillmedia.com
13    18.193.91.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
17    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
16    2606:4700:10::6816:3262 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.32.27.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-123.fra56.r.cloudfront.net
signal-segments.s-onetag.com
4    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
4    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
8    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
9    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f01:9802:108e:78ba:29ea (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
3    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    34.251.251.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-251-86.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    34.252.210.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-210-232.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    54.246.208.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-24.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    157.90.211.246 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
1    44.209.190.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-190-13.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
2    52.210.40.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-40-9.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
5    52.1.112.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-112-24.compute-1.amazonaws.com
i.liadm.com
2    13.32.121.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-105.fra60.r.cloudfront.net
live.rezync.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    50.31.142.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
15    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    54.210.237.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-237-164.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.2.229.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-229-240.compute-1.amazonaws.com
sync.ipredictive.com
2    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    217.182.178.229 (France)

ASN16276 (OVH, FR)
PTR: ip229.ip-217-182-178.eu
ssbsync.smartadserver.com
2    124.146.153.162 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    18.197.162.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-162-124.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    3.120.236.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-236-239.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    96.46.186.59 (None, )

ASN- ()
ads.betweendigital.com
3    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
2    2600:9000:211e:8400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
8    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.224.6.94 (None, )

ASN- ()
cs-server-s2s.yellowblue.io
2    91.134.110.136 (France)

ASN16276 (OVH, FR)
PTR: ip136.ip-91-134-110.eu
sync.smartadserver.com
1    2001:678:cb4:bbbb::13 (None, )

ASN- ()
d.turn.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    52.50.95.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-95-115.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    34.252.157.161 (None, )

ASN- ()
ice.360yield.com
1    8.2.110.33 (None, )

ASN- ()
us.shb-sync.com
1    131.153.158.209 (None, )

ASN- ()
id.a-mx.com
2    75.2.13.80 (None, )

ASN- ()
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
71 evilmilk.com
my.evilmilk.com
www.evilmilk.com
719 KB
21 pixfuture.com
served-by.pixfuture.com — Cisco Umbrella Rank: 58334
cdn.pixfuture.com — Cisco Umbrella Rank: 65979
prebidserver.pixfuture.com — Cisco Umbrella Rank: 62834
1 MB
19 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1535
rtb.gumgum.com — Cisco Umbrella Rank: 1478
usersync.gumgum.com — Cisco Umbrella Rank: 1988
7 KB
17 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
13 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3325
mwzeom.zeotap.com — Cisco Umbrella Rank: 3434
6 KB
16 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2359
s.e-planning.net — Cisco Umbrella Rank: 5393
u-ams03.e-planning.net — Cisco Umbrella Rank: 29983
sync.e-planning.net — Cisco Umbrella Rank: 3885
5 KB
15 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
29 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
3 KB
13 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
335 KB
10 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
25 KB
9 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
35 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
78 KB
8 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
4 KB
8 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5290
csync.smilewanted.com — Cisco Umbrella Rank: 3218
static.smilewanted.com — Cisco Umbrella Rank: 8813
17 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
1 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
128 KB
7 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
3 KB
7 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 20126
sync.quantumdex.io — Cisco Umbrella Rank: 7104
2 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5021
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 7257
signal-segments.s-onetag.com — Cisco Umbrella Rank: 17104
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
18 KB
7 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 3915
api.cmp.inmobi.com — Cisco Umbrella Rank: 13519
212 KB
7 bilsyndication.com
services.bilsyndication.com — Cisco Umbrella Rank: 347934
s3.bilsyndication.com — Cisco Umbrella Rank: 400837
357 KB
6 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3041
c1.adform.net — Cisco Umbrella Rank: 583
cm.adform.net — Cisco Umbrella Rank: 1147
3 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
us-u.openx.net — Cisco Umbrella Rank: 524
u.openx.net
1 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
dis.criteo.com — Cisco Umbrella Rank: 608
1 KB
6 disqus.com
evilmilk.disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1487
5 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
3 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
686 B
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
targeting.unrulymedia.com — Cisco Umbrella Rank: 863
891 B
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
4 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1634
536 B
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
sync.smartadserver.com — Cisco Umbrella Rank: 1369
506 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6599
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
4 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 4977
sync.adtelligent.com — Cisco Umbrella Rank: 7205
3 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
3 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
881 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
usermatch.krxd.net — Cisco Umbrella Rank: 1811
940 B
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
37 KB
3 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 27521
sync.aralego.com
886 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
25 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
d.turn.com
1 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
103 B
3 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 36736
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
fid.agkn.com Failed
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
131 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
243 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
277 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1651
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
60 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
930 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5692
394 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870
428 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25870
908 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
170 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2123
404 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
801 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 2802
120 B
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
14 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
69 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
152 KB
2 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5476
166 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
3 KB
1 a-mx.com
id.a-mx.com
268 B
1 shb-sync.com
us.shb-sync.com
581 B
1 360yield.com
ice.360yield.com
199 B
1 linkedin.com
px.ads.linkedin.com
649 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1503
281 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1683
366 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
655 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
433 B
1 yellowblue.io
cs-server-s2s.yellowblue.io
368 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8300
1 KB
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
181 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 901
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1257
407 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
576 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
424 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1717
65 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1375
204 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 22706
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9844
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13621
460 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 646
204 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
275 B
1 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 451
98 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019
11 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3747
470 B
1 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 41013
142 KB
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
355 104
Domain Requested by
70 my.evilmilk.com 21 redirects my.evilmilk.com
15 usersync.gumgum.com rtb.gumgum.com
13 x.bidswitch.net 5 redirects ads.us.e-planning.net
spl.zeotap.com
rtb.gumgum.com
ssum-sec.casalemedia.com
eb2.3lift.com
12 mwzeom.zeotap.com spl.zeotap.com
11 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
10 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
static.cloudflareinsights.com
my.evilmilk.com
9 cm.g.doubleclick.net 5 redirects spl.zeotap.com
rtb.gumgum.com
eb2.3lift.com
8 eb2.3lift.com 3 redirects sync.quantumdex.io
eb2.3lift.com
8 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
8 match.adsrvr.org cdn.pixfuture.com
spl.zeotap.com
ssum.casalemedia.com
rtb.gumgum.com
ads.us.e-planning.net
eb2.3lift.com
8 cdnjs.cloudflare.com my.evilmilk.com
cdnjs.cloudflare.com
7 ib.adnxs.com 4 redirects s3.bilsyndication.com
spl.zeotap.com
eb2.3lift.com
7 secure.adnxs.com 5 redirects my.evilmilk.com
cdn.pixfuture.com
6 sync.quantumdex.io s3.bilsyndication.com
sync.quantumdex.io
ssum-sec.casalemedia.com
6 csync.smilewanted.com s3.bilsyndication.com
csync.smilewanted.com
6 ads.pubmatic.com ads.us.e-planning.net
rtb.gumgum.com
sync.quantumdex.io
csync.smilewanted.com
6 cmp.inmobi.com services.bilsyndication.com
cmp.inmobi.com
6 served-by.pixfuture.com my.evilmilk.com
cdn.pixfuture.com
services.bilsyndication.com
served-by.pixfuture.com
5 i.liadm.com 5 redirects
5 onetag-sys.com 1 redirects s3.bilsyndication.com
sync.quantumdex.io
5 sync.1rx.io 5 redirects
5 prebidserver.pixfuture.com cdn.pixfuture.com
ads.us.e-planning.net
5 services.bilsyndication.com my.evilmilk.com
services.bilsyndication.com
4 sync.adkernel.com sync.quantumdex.io
4 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
4 pr-bh.ybp.yahoo.com 2 redirects rtb.gumgum.com
ssum.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 targeting.unrulymedia.com s3.bilsyndication.com
4 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
4 id5-sync.com cdn.pixfuture.com
sync.quantumdex.io
4 gum.criteo.com cdn.pixfuture.com
s3.bilsyndication.com
4 securepubads.g.doubleclick.net cdn.pixfuture.com
securepubads.g.doubleclick.net
3 sync.adtelligent.com cdn.pixfuture.com
ads.us.e-planning.net
3 creativecdn.com 3 redirects
3 c1.adform.net 3 redirects
3 b1sync.zemanta.com 3 redirects
3 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
3 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
3 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
3 sync.e-planning.net ads.us.e-planning.net
rtb.gumgum.com
3 match.sharethrough.com ads.us.e-planning.net
sync.quantumdex.io
3 ssp.disqus.com 3 redirects
3 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
3 px.vliplatform.com my.evilmilk.com
3 c.amazon-adsystem.com services.bilsyndication.com
c.amazon-adsystem.com
3 aa.agkn.com 1 redirects cdn.pixfuture.com
3 evilmilk.disqus.com my.evilmilk.com
evilmilk.disqus.com
2 u.openx.net 2 redirects
2 dis.criteo.com ssum-sec.casalemedia.com
eb2.3lift.com
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 s.ad.smaato.net sync.quantumdex.io
csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 ap.lijit.com sync.quantumdex.io
csync.smilewanted.com
2 ads.creative-serving.com 2 redirects
2 pm.w55c.net 2 redirects
2 x.dlx.addthis.com 1 redirects ssum.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 cm.adform.net 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 secure-assets.rubiconproject.com 2 redirects
2 tg.socdm.com 2 redirects
2 ssbsync.smartadserver.com rtb.gumgum.com
2 match.deepintent.com rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 us-u.openx.net rtb.gumgum.com
2 u.ipw.metadsp.co.uk 2 redirects
2 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 tags.crwdcntrl.net s.e-planning.net
2 cms.quantserve.com 2 redirects
2 pixel.rubiconproject.com spl.zeotap.com
csync.smilewanted.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 beacon.krxd.net spl.zeotap.com
2 ups.analytics.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 hb.aralego.com s3.bilsyndication.com
2 prebid.a-mo.net s3.bilsyndication.com
2 script.4dex.io s3.bilsyndication.com
script.4dex.io
2 signal-segments.s-onetag.com get.s-onetag.com
2 ad.turn.com 2 redirects
2 cookies.nextmillmedia.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
2 sync.go.sonobi.com ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 sync.admanmedia.com ads.us.e-planning.net
2 static.cloudflareinsights.com cdn.pixfuture.com
2 s3.bilsyndication.com services.bilsyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.youtube.com cdnjs.cloudflare.com
www.youtube.com
2 www.googletagmanager.com my.evilmilk.com
www.googletagmanager.com
2 vjs.zencdn.net my.evilmilk.com
2 cdn.jsdelivr.net my.evilmilk.com
s3.bilsyndication.com
2 fonts.googleapis.com my.evilmilk.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 id.a-mx.com s3.bilsyndication.com
1 us.shb-sync.com 1 redirects
1 ice.360yield.com csync.smilewanted.com
1 px.ads.linkedin.com eb2.3lift.com
1 sync.adotmob.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 static.smilewanted.com csync.smilewanted.com
1 sync.aralego.com cdn.aralego.net
1 cdn.aralego.net s3.bilsyndication.com
1 acdn.adnxs.com s3.bilsyndication.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ssc-cms.33across.com cdn.pixfuture.com
1 hbx.media.net 1 redirects
1 bh.contextweb.com 1 redirects
1 s.company-target.com 1 redirects
1 idsync.rlcdn.com ssum.casalemedia.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 mp.4dex.io s3.bilsyndication.com
1 prebid.smilewanted.com s3.bilsyndication.com
1 useast.quantumdex.io s3.bilsyndication.com
1 prebid-eu.creativecdn.com s3.bilsyndication.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 sync.targeting.unrulymedia.com 1 redirects
1 get.s-onetag.com cdn.pixfuture.com
1 g2.gumgum.com cdn.pixfuture.com
1 ghb.adtelligent.com cdn.pixfuture.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 lb.eu-1-id5-sync.com cdn.pixfuture.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com services.bilsyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.evilmilk.com my.evilmilk.com
1 maxcdn.bootstrapcdn.com my.evilmilk.com
1 code.jquery.com my.evilmilk.com
1 udmserve.net my.evilmilk.com
1 services.vlitag.com my.evilmilk.com
0 sync-tm.everesttech.net Failed spl.zeotap.com
ssum.casalemedia.com
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fid.agkn.com Failed cdn.pixfuture.com
355 158

This site contains links to these domains. Also see Links.

Domain
www.evilmilk.com
www.pixfuture.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
evilmilk.com
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
vlitag.com
GTS CA 1P5		 2023-11-26 -
2024-02-24		 3 months crt.sh
bilsyndication.com
Cloudflare Inc ECC CA-3		 2023-04-08 -
2024-04-07		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-28 -
2024-12-03		 a year crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-13 -
2024-12-13		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2024-01-12 -
2025-02-12		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh

This page contains 63 frames:

Primary Page: https://my.evilmilk.com/
Frame ID: 6E6AA2B29F49C5F5B10AE301E287E570
Requests: 146 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 9FA9F18EF6421EB0DCEA4B0B63605D3E
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 016F10ACCB51873483491B4078C1DBF3
Requests: 12 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/300x250.gif
Frame ID: 988A245BE559B712226E9322347C2556
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96503f28aa14c8a3%26uid%3D
Frame ID: A06F1FD37285505883D174089194692E
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Frame ID: B223C0480C062FBA9642E6E6E510F2B9
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 1A5FB755D3F94B4390A81569EE7C1B9C
Requests: 33 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Frame ID: C68BF273FE000115E59D5A9F4BE2B4A0
Requests: 12 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=ANzyhluERh2AYbQF
Frame ID: FDB611D6DE475F8337AB81769560822E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
Frame ID: A456157E7078E40A5AEBB2DA96291CC7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYWM3MTIyOS05MmUxLTQ1ZmYtOTAxZi0xMjkyZDkxNmM1YzI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: A4D521C49192EBCE9CB84A9E71986AB1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 5C35E1518814A02B172F46421C603B09
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 35EF7B91756149182661FD5AB1FA95B6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YMCo8XwAAB1mxpwAAAAA
Frame ID: 65D5AA23242DC6F18B5BA571227CA2F5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum&tc=1
Frame ID: 5F68FD78FAFE7FD8E09241A44735510F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0215725B242FFB7C97043D43F756E932
Requests: 3 HTTP requests in this frame

Frame: https://services.bilsyndication.com/passback/?t=1705122185&d=2565&z=6728&divID=vi_25656728_1&w=300&h=250&geo=DE&hn=my.evilmilk.com
Frame ID: F456BB4340437AA8ECD20E8133A5ECE2
Requests: 10 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: FA684EDE9DA41810AB7BA55B586539A9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 1565D1658E80843DFC4208C1A7FF1EB7
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 40736475564DB657AC9DCF8C3D5830D3
Requests: 12 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=8134709458298602181&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=709112&a=743293&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 3C13C3B13A0FB3C5C7A6C576BE7F0431
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=750708&a=754412&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: CD5E99B48CB14CFD388A04EA4B267C8C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: C81800D9D03ABC6FF57B76BB058D0375
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0ce520e214d25a23%26uid%3D
Frame ID: 14249A04C5F3DBEC4C9BC4AB5BC63CC8
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Frame ID: 0BDA2B4EFF30C2E0F40DA4AC5BF7E5B2
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 452D0A06080CDE1059F27037D2628544
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Frame ID: EA306692F40F3EA2BD346E2931CACC15
Requests: 11 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANzyhluERh2AYbQF&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=484122&a=307971&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 8B73B52A971E44E87A6E7F1CBD2E8206
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
Frame ID: 4533BEACAD88EE58240840E67930F1F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYWM3MTIyOS05MmUxLTQ1ZmYtOTAxZi0xMjkyZDkxNmM1YzI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 912F973DF814A012E094D61A0514FAD6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 548BC57B98E5FE0F3214AC3347406A51
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 211529C905DD63539D830CFC381C0875
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YcCo8XwAAB1mxt8AAAAA
Frame ID: C7CD768566ACAD2D12EE8F24CE5D4E7B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum
Frame ID: 555093DB5738340B9130B1A46E9BBBA7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 57E7C6099879393B106ED65F427317FD
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/?us_privacy=1---
Frame ID: EDC7CE3582BAB3F348C34F9FDCBAD1E5
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 8DB190CB4942BB4F1EEAFF873C6AA715
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1705129312222&us_privacy=1---
Frame ID: 1CB91D77BE7F1DD11563A60E4852CB4F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4E8FA82229C5BAF87596BF0924490AA
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: EFD715780301955E3F55F139964FF4ED
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html?usprivacy=1---
Frame ID: D19A728676F193D28096A89E3004F78F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: A7684891BF1606F40F25ECB9E0515A45
Requests: 10 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: D712D376DF3D9539257885BDE828E04E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: EF215FBC4B9EE61057DD62D7CB3C5581
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: E0B298F7BF388A6F52668CECAF939EE7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: F4CCEEDCE95EEE41A47F048D50BF903C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Donetag-pbs%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: 416DEE6DE9777D66A35880ABBAC90AC9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 3D969CE31327F8B2B14BDE5005CD8D4D
Requests: 11 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 4A16BA92C94B1AF112FC86B84FFD076C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C1F64A020603EBBEFD4EE85F82747FC3
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 48676D8B9C4544AD408668C49A4A12CF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: F4D1A21C01578097010FC78E992AA0BD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 64C645F21EE988D0F95FE3F3CC7D72B1
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 350D440D0C1ED562F4EA30F5FA6C5541
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/5293967234649900053
Frame ID: 2E6DE290C3DF787FF90ECC1F9310DC9A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 16F2480194CF672B2617594F6E6D4B12
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 82C7756C0757B84FA30E8644354BB86B
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: FA3783A20D306754D40F42A7E7F3DF84
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/17bb539f-8f97-4c2f-a416-c7fc3c37491e
Frame ID: B808CDB187C7EF97FCA4E6027FC959BD
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 671C6C66CEDC1C24BDED32D739CE5EF7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/8134709458298602181
Frame ID: 913298416A7FE147411698CE00112DD7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adwmg/5aa3befa-e0e9-43e0-850d-9036fd57621a
Frame ID: 645E1C9C642086ECE667E72F567B34DF
Requests: 1 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Frame ID: BEBD12E253930E2C8C85F8A121E4BD78
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My.Evilmilk | An even more evil milk

Page URL History Show full URLs

  1. http://my.evilmilk.com/ HTTP 301
    https://my.evilmilk.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • hammer(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

355
Requests

76 %
HTTPS

29 %
IPv6

104
Domains

158
Subdomains

102
IPs

12
Countries

3932 kB
Transfer

9230 kB
Size

105
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.evilmilk.com/ HTTP 301
    https://my.evilmilk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://my.evilmilk.com/p/tx-37dqz6_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/tx-37dqz6_t3.jpg
Request Chain 15
  • https://my.evilmilk.com/p/tx-37drjt_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/tx-37drjt_t3.jpg
Request Chain 16
  • https://my.evilmilk.com/p/tx-37drlp_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/tx-37drlp_t3.jpg
Request Chain 17
  • https://my.evilmilk.com/p/tx-37dt8f_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/tx-37dt8f_t3.jpg
Request Chain 18
  • https://my.evilmilk.com/p/tx-37duq0_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/tx-37duq0_t3.jpg
Request Chain 19
  • https://my.evilmilk.com/p/tx-37dwcy_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/tx-37dwcy_t3.jpg
Request Chain 20
  • https://my.evilmilk.com/p/6ix-37e1ep_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/6ix-37e1ep_t3.jpg
Request Chain 22
  • https://my.evilmilk.com/p/743-37e4w5_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/743-37e4w5_t3.jpg
Request Chain 24
  • https://my.evilmilk.com/p/arx-37bkir_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/arx-37bkir_t3.jpg
Request Chain 27
  • https://my.evilmilk.com/p/arr-36azg4_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/6/arr-36azg4_t3.jpg
Request Chain 29
  • https://my.evilmilk.com/p/a1lu-3718s6_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/a1lu-3718s6_t3.jpg
Request Chain 31
  • https://my.evilmilk.com/p/ary-3782np_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/ary-3782np_t3.jpg
Request Chain 33
  • https://my.evilmilk.com/p/3p7-37dnt~_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/3p7-37dnt~_t3.jpg
Request Chain 34
  • https://my.evilmilk.com/p/5bq-37dmh7_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/5bq-37dmh7_t3.jpg
Request Chain 37
  • https://my.evilmilk.com/p/5bq-37dmhx_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/5bq-37dmhx_t3.jpg
Request Chain 38
  • https://my.evilmilk.com/p/5bq-37dmiy_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/5bq-37dmiy_t3.jpg
Request Chain 39
  • https://my.evilmilk.com/p/5bq-37dmjf_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/5bq-37dmjf_t3.jpg
Request Chain 40
  • https://my.evilmilk.com/p/5bq-37dmjn_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/5bq-37dmjn_t3.jpg
Request Chain 41
  • https://my.evilmilk.com/p/5bq-37dml8_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/5bq-37dml8_t3.jpg
Request Chain 42
  • https://my.evilmilk.com/p/ary-3782o6_t3.jpg HTTP 301
  • https://my.evilmilk.com/p/3/7/ary-3782o6_t3.jpg
Request Chain 100
  • https://secure.adnxs.com/seg?add=27578847%2C27578847&remove=27578847&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
Request Chain 120
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 127
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D96503f28aa14c8a3%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=96503f28aa14c8a3&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
Request Chain 131
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D96503f28aa14c8a3%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96503f28aa14c8a3&uid=5293967234649900053
Request Chain 132
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D96503f28aa14c8a3 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=96503f28aa14c8a3
Request Chain 134
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning&zcc=1&cb=1705129312205 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8012829588 HTTP 302
  • https://sync.1rx.io/usersync/turn/4253344833156873496?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-fee4c498-26c0-4562-a673-199d9cd49ec3-003%26dc%3Dfc741bbdfeedcd57%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003&dc=fc741bbdfeedcd57&iss=1
Request Chain 136
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Request Chain 160
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a86ce18a-9d43-4a0c-b59f-15c325f729bb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 167
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6f31e70e-a4af-4984-4e96-590375312a75&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6f31e70e-a4af-4984-4e96-590375312a75&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=78916886434790314242158371810373251452&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 170
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7323474630495434902&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 171
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6f31e70e-a4af-4984-4e96-590375312a75 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6f31e70e-a4af-4984-4e96-590375312a75
Request Chain 172
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361&bounce=1&random=1115816663 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=sO71Cb/SpBZErSssLwgcf.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 174
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6f31e70e-a4af-4984-4e96-590375312a75?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 175
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-SzYYSD5E2ooBDyyCcD1c6maEJQhJTqUSwA--~A&zpartnerid=570&env=mWeb
Request Chain 176
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=W0f%2Bou8BkjaopjCqQcD%2FD%2FNcwhYnwWs0%2BS41iYitP1U%3D
Request Chain 181
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 182
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361&dcc=t
Request Chain 184
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 188
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=p6eDWKKn1Fq8oYRa9fTPX6argFq8pIYJpqYF7o15&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaI1YPICIG.evZD1bvHNgwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqE4uBBMQDGVPIkOsYt6Y0&google_cver=1&google_hm=2
Request Chain 197
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=ffe83462df864782a6c91623ff86426a HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=ffe83462-df86-4782-a6c9-1623ff86426a HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D207e64f9-2433-4417-83d9-94ed63cde464%253A1705129312.988642%26_%3D1705129312.991065&cb=1705129312.9910963 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084929395100999&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D207e64f9-2433-4417-83d9-94ed63cde464%253A1705129312.988642%26_%3D1705129312.991065 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&_=1705129312.991065
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVR2SpAaUdlrwCloMVUCtk&google_cver=1
Request Chain 199
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 200
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720854112&external_user_id=f4860797-a00b-46a6-83e5-abe6b0ca3ede
Request Chain 201
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z2d96spnKujUYXronTQx7c5rfujUZHi7zmZ-zjom
Request Chain 202
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4181287239118945560
Request Chain 204
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
Request Chain 205
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Request Chain 207
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
Request Chain 209
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
Request Chain 211
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 212
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=pmBkBjza2StB&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 215
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
Request Chain 219
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YMCo8XwAAB1mxpwAAAAA
Request Chain 220
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum&tc=1
Request Chain 221
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 228
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 235
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 303
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=8134709458298602181&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=709112&a=743293&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 236
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=750708&a=754412&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 242
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D0ce520e214d25a23%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=0ce520e214d25a23&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
Request Chain 246
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0ce520e214d25a23%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=0ce520e214d25a23&uid=5293967234649900053
Request Chain 247
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D0ce520e214d25a23 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=csuid_8a83adcc-2cf2-4063-8665-3ee710be3034&dc=b337141cfdc8cf59&fi=0ce520e214d25a23
Request Chain 249
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8752952355
Request Chain 255
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 256
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ffe83462-df86-4782-a6c9-1623ff86426a HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ffe83462-df86-4782-a6c9-1623ff86426a&rd=Y
Request Chain 257
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5293967234649900053
Request Chain 259
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705215713
Request Chain 261
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBvctCsp1Roy1H5
Request Chain 264
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3D9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361
Request Chain 269
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=47093520-6fd4-437a-9810-9eb2bc96a985
Request Chain 271
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
Request Chain 272
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9731979f-463d-447a-9380-2e7af1c1ae49&ssp=gumgum2&expires=30&user_group=5&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Request Chain 274
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
Request Chain 275
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bmumUN5E2pcJuUN.PR7bov8JMV5Kdis3Z1T5~A
Request Chain 276
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
Request Chain 278
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 281
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
Request Chain 285
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YcCo8XwAAB1mxt8AAAAA
Request Chain 286
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum
Request Chain 287
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 301
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-7926596070356998214 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=1a9f3133-d219-530d-93c1-2b65f6631e01
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5293967234649900053
Request Chain 303
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
Request Chain 313
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 316
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 319
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 320
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4181287239118945560 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 324
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e00cf749-cb7c-9d1b-3843749d
Request Chain 326
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084929395100999
Request Chain 327
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 330
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/5293967234649900053
Request Chain 332
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4NTQ3MDMwMjUwNDg4NjI3NjE5Ng%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENeGWlHbGqLPweqOX2Fm0dU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 334
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4NTQ3MDMwMjUwNDg4NjI3NjE5Ng%3D%3D
Request Chain 336
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1785470302504886276196?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-4yXAtpJE2oRAU7tFnKOjjm5J4iONOXrpvtWbxAC6Hg--~A&dongle=0883
Request Chain 337
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1785470302504886276196&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Request Chain 339
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5293967234649900053&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 344
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/17bb539f-8f97-4c2f-a416-c7fc3c37491e
Request Chain 346
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8134709458298602181
Request Chain 347
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/5aa3befa-e0e9-43e0-850d-9036fd57621a

355 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.evilmilk.com/
Redirect Chain
  • http://my.evilmilk.com/
  • https://my.evilmilk.com/
40 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f7f3855adb8a03a74171e67756395c432a5adbe67c98801d6280530cebd27b22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
844bc527ee34c2af-VIE
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 13 Jan 2024 07:01:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZuCkh1bxgaraquO6vop8QJS5MD3XouydcKYGPM0B1eFEVNFlNrjyLpMFYGjbnf6EMc50a6%2FC6rffNUtQ63zDAmvPY6xfvMwlKVyy%2FVkiMLEOAAxdAhq2XhvsOdqj59slMVfPyBfR8UlKcyJu5A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

CF-RAY
844bc5279ea35aa9-VIE
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 13 Jan 2024 07:01:49 GMT
Expires
Sat, 13 Jan 2024 08:01:49 GMT
Location
https://my.evilmilk.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLChJYAn1QaiTHYFlY8N8eoXVxvgCTcInnGtLKrZZSAUXiRU9140SNmDKKAFWtOhv9K6d%2BYEcwBwmfSIW3If%2FSDYhs2iWc4Vz5OSDxyWxJ2fUUPEVZfqLwQhYlAjjh9ftz0AMGGZRt5CypMLujY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
my.evilmilk.com/css/ 		123 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/css/bootstrap.min.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
548f247cbd690d30110ca40022fded7621a0b11f4213cf663eba8db745239649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 19 Jul 2017 01:18:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"070b2ea2c0d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSGjr1aslRFH6ufI%2FQ2G%2BcZSLRPN6NAfoaYdeQg3NPUCnr3x9sGi8apbuhGP%2FtK%2FVhNSw0I%2FawPvXBUVODLSOqLBi2il53%2FVWn6AIbFTgFv%2FigIM3yFIrxPOeE4c4qJ%2FBnyvieiSA0bBQvI4J4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private
cf-ray
844bc52b58d9c2af-VIE
alt-svc
h3=":443"; ma=86400
evilmilk2.css
my.evilmilk.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/css/evilmilk2.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4369a3c9c0a9c5c312f58467e18b2a12e166ca4a1a96f2fbf98a8a9141223955

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 25 Nov 2017 18:21:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8015a43e1a66d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOYbdA3F%2B%2Ft69wWvkm6q4H02%2FwErD9aELCRPNMGz%2Bb4Gy1Kc31ZUFnpXSp3shGc%2BAs7nC9mOHNbuYeGGcz%2Bqp1QSBTBTKNhV%2BnRg3ejGM6uTBqSpl%2Fuqm7dNdvH3dMcTtywQTgAR%2F0idDbrM5iM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private
cf-ray
844bc52b58dac2af-VIE
alt-svc
h3=":443"; ma=86400
loader.css
my.evilmilk.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/css/loader.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
092398580b52215cc29109c539abeb05596bd9105a62a07fe9af09fcee886c99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 25 Nov 2017 18:22:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"80b5c9641a66d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMbnRswT0B89vVXuIIRzzILLtVzFM6Kjp2WPGMgT9EgDVvQs%2FQHK4PdVWudQk2Sk%2FMzekrx2sOLidPNfOCREf9tMMkiIQxcFJR829e5JbILIDSxoUbftmHENIsJSbhXLhHb%2BS53orxZgQsDlnt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private
cf-ray
844bc52b58dbc2af-VIE
alt-svc
h3=":443"; ma=86400
html5imageupload.css
my.evilmilk.com/js/crop/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/crop/html5imageupload.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9e25e62146695a87c4118c520beeeeca3110ecab177afa9916cd71a702c48a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3187
cf-polished
origSize=2648
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Apr 2017 00:50:07 GMT
server
cloudflare
etag
W/"808913d14acd21:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld9xoZwJsE7Ek1j09JV2eu%2BnYhduW4c4LeDA9aCXDTYGezgqbpdwnqdFzRy70QRWW1VLW4c5CnmludhG1sgaRjhXJnNj9ITj2x3RNnRGh81CHoYHT7xj3J%2BWTICkrrrB6j1V7Onm8Wb%2BQypuFpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=18000
cf-ray
844bc52b58dcc2af-VIE
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5720709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apDlWzaENWTXCsK1EDjuaJUqGXxhex5YDb80pn5zYAPceOtq84qjNMYe9KQsSV9voynbED5YhZw%2F%2FGhXYSkC7EFfKh0pAiLLDRmK01IKu2Jbh4X5aU5bhIVcdAYu3MiOyxNXC9YzAe11YxMwaa9anhSZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc52b6a81bb59-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
formvalidation.css
my.evilmilk.com/js/formvalidator/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/formvalidator/formvalidation.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
452c3b2c31fa328eccdf0f75b91567d8dbf26edd88825a5f539f0202d26ff9a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3187
cf-polished
origSize=7598
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 23 Mar 2017 18:31:21 GMT
server
cloudflare
etag
W/"80a21fab3a4d21:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KSQnNrEGenDvScsjJ2Td%2BpgjxFfjEAt%2B1DoUhGlyq6kRVCctoy0VO0oFzByvcLn%2B%2FOviG%2F8ofWq2yc%2F5zkaDk9NKO9incisfVKRx7JnY0nDALHC6Zy7nFDYmtIz%2BvhDyvoeWbxjoRioOLlFPHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=18000
cf-ray
844bc52b58ddc2af-VIE
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
51427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2WizQMqlpyrVi7dQv9VAFIehGCAaT%2BVgIvWZUzN7e2A9iWH2hLtotyajweHbWpbSFLXWgeFkiaqCSzoeReo%2BN2vY7B4MxbfTqa8a%2FHpb5bmH2SWo4PeqMev7LzLs6YSvIU2Uex1TC26yLnujNLsTvT%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc52b6a7ebb59-FRA
expires
Thu, 02 Jan 2025 07:01:49 GMT
common2.css
my.evilmilk.com/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/css/common2.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
885016056b9306512e9ed392acea870e48da147a30f6e6d7f0ca78ec766874a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 19 Nov 2018 19:55:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"80c024cb4180d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVMndU7aWTbP5L6hnFT%2BUYF2mgMUb6tufJIywJ8%2Bsacy%2B1LEVDyQmVjljDK%2BDf7srCRsun2WlyDHUN7K%2BbKySvBHDhNqkpU6zb69Ac%2FgTvQQpZHOHJHhmKOnPVj0kDYIqTvmz3D4oIa2zNPtPJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private
cf-ray
844bc52b58dec2af-VIE
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Baloo+Bhaina
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63b51f8bd8e17196b61439ae388bcd2694839e31598ee117f9e2f414374028cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 07:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 07:01:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 07:01:49 GMT
swipe.css
my.evilmilk.com/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/css/swipe.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1aa813e6253ba444eda427b66e45d2055bd63b77c41bf1dfe48e5275e5583cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 27 Jul 2017 17:58:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"01b22f917d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7T%2Ft4UchqhDOTwIMEVda%2FxCk9Z5%2BJBzjxmK34dGUiw1EgzlXeSE7UNjqs5Rd1A%2F0TxZz21WmXDpdIr8rdO4Z6jlkMbbiHAdBhnDXVOl3kTgZRO%2FqWj0k7AJ7K6UHIK5ny56PtRVXAwcEz6Yj4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private
cf-ray
844bc52b58dfc2af-VIE
alt-svc
h3=":443"; ma=86400
/
services.vlitag.com/adv1/ 		546 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06ce6bf44f1b8ed69b32605abc490bde0fe32d00366d68b4220f7564bbf0531a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
cf-polished
origSize=559457
etag
W/"47040a776bf0a34e9ce507c330d69a89 2024-01-08T03:16:45 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc531397b5b86-FRA
alt-svc
h3=":443"; ma=86400
navbar.css
my.evilmilk.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/css/navbar.css
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3163a66c8938870b831c6f2a90d0cddf9d98fdc913166b1bdc9594fb274b5ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 06 Oct 2018 00:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"805cf47d5dd41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LPDu0yDMkeLw6oiyMlVI1bjdNcW55VwSL8j0z8xIY9i9F7roZgvCvvoawSWrF%2B%2BggzQTWeQHTZFzYrGlIE%2BPuy0OJ2I9PWkcElTeyqNP2NePc%2B%2BGAudEXV4x1LQtfaIbHGFMf9wOuRGc9MJrGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
private
cf-ray
844bc52b58e0c2af-VIE
alt-svc
h3=":443"; ma=86400
evilmilk-logo-mobile.png
my.evilmilk.com/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/img/evilmilk-logo-mobile.png
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
41b0d89944236d450cc9e9e91e94e565aed22e3d01988fead8f10cf26516d48d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3187
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
16008
last-modified
Fri, 03 Aug 2018 14:09:08 GMT
server
cloudflare
etag
"0da3d8b332bd41:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D798w7VrWCeC6Ln8cgs3rP3EfKs%2F84Msli04XUSDuG%2FhF6DrC7SjB3o951d4kjzUEg23BVMF7BcKaRvz%2FljesIGRTcFRoJXt%2FhYUhA4RxGdl5vHBabasM8ohml%2BwFBx%2FJExQ%2BlxMFA0SSQrQoVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc52b58e1c2af-VIE
tx-37dqz6_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/tx-37dqz6_t3.jpg
  • https://my.evilmilk.com/p/3/7/tx-37dqz6_t3.jpg
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/tx-37dqz6_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
85b59f786669f8918b872a0944b38de5d525bb59faf87c597853cace5d1de550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
23841
last-modified
Fri, 12 Jan 2024 20:59:42 GMT
server
cloudflare
etag
"4ddbb8439a45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nHyvYrHL6Nm8y%2BMicuQB7%2B2snTlwyAWcoahNYL73bODlWycEpX8v2Hu9b8DDScj%2B0ogjTDMvXV0vvnT9EEOLk3uiI%2Ffx1ft61RhRkbqymmkfoew%2BwtGPlQGaqiIXiRK3U84geGR2u2qLBPw9A8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc52eaeba5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyH1ZM58T3EfSU%2Ba%2FAaSc74q3rBgyoQVuhCRuAjqwQFCKNISRiRx2aMKd16CBuR%2FA6MCT8RZV%2FOSwgiDAcG%2BTjinyYfBLiz1I69IhaCwrRFaP0O8Fmuru97QHOfTvRVcoi5pP%2BPX82SLGfvnjXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/tx-37dqz6_t3.jpg
cache-control
max-age=18000
cf-ray
844bc52b58e2c2af-VIE
alt-svc
h3=":443"; ma=86400
Rick1502291011_s.jpg
my.evilmilk.com/profilephotos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/Rick1502291011_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e360257438dea51257d0cf04e78cf8b98bf2ef1322fe15703c5fc462773c7126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 01 Feb 2019 03:33:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48a779dadeb9d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1if40jcbrO%2FhracHBoz%2B0jhg1bzfdndNapE%2BNKPz7yuRkUaPkP4thhhRUWzysTkBPyfZC39e8OyT%2FC4l7LrHPwnGYxug0FrlH%2FUrqM6wKlRhxMC7PLzcjrR%2BlqD6Cgz%2BBWl1EJvIAKZPUelx1Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc52b78fbc2af-VIE
alt-svc
h3=":443"; ma=86400
content-length
3181
tx-37drjt_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/tx-37drjt_t3.jpg
  • https://my.evilmilk.com/p/3/7/tx-37drjt_t3.jpg
18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/tx-37drjt_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fa2e4d3e22dc72f88b52ef2033c8fe6f8b6624ae48e98bd0251f14eb0a1fd613

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
18469
last-modified
Fri, 12 Jan 2024 21:13:02 GMT
server
cloudflare
etag
"ca6958209c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoWyzHEun%2Bu7EvgJpZgurMTSXY%2BAd68cKkfJKjmpT4uymPVSjLwx4PYSXHHEkIqgCiTcdSn5nsCeoDJNjAKzqOPCmKx1AupuZJPbmOloaAqYsZ8SOuSFdFXOOyxloCA1hMcnRZxB2y110QrG0dQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53239f45b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=882SNYTYvdo026iUj2QqyEjWOq1aJal6R1TXqZXrXF7Yx0SUCR9fsFW1%2Bk2Wyle49kSVIR3Q1taXyGlDzxb1U5rz05B1F8g5EK4AZ3%2FS0XA9WsiAY4qdiZd9LfMcGz41HAajcJaBHFl3HWudsuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/tx-37drjt_t3.jpg
cache-control
max-age=18000
cf-ray
844bc52edee15b60-VIE
alt-svc
h3=":443"; ma=86400
tx-37drlp_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/tx-37drlp_t3.jpg
  • https://my.evilmilk.com/p/3/7/tx-37drlp_t3.jpg
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/tx-37drlp_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
744770df053f0554c5ea22ca4b1167ce4b4b95545ad3d61ad6d47f148d5c26bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
15792
last-modified
Fri, 12 Jan 2024 21:14:12 GMT
server
cloudflare
etag
"6e46434a9c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uek6iPA6nOim7UrvtSdF2TAWsTCZQ6nUNY%2FD5nIwI6I0I4Ky1OmMQD5IDEf7fWc%2Fs2L9jWRZPryU1O1FKG5GKT0Q0Bzpa%2FPro7M2srJFWVkZF1o%2BMYdNR07Ti6grpiZlsUWvvIn72LEq7l8wnww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bc955b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpWmTfVS7ve5skGWFRBDOdiorrf4HrdQ7aQvrJ9pHHM%2F%2Fr%2BZVxBkZiHrYK6tkf9dbPbt4ApiortNmXhxgVCIdVbQ9m1rc6tib6cma%2F72Fggj60yjDpd%2FcaIqX0La3akKocLozxv%2F0BxyVY0Rinw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/tx-37drlp_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108895b60-VIE
alt-svc
h3=":443"; ma=86400
tx-37dt8f_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/tx-37dt8f_t3.jpg
  • https://my.evilmilk.com/p/3/7/tx-37dt8f_t3.jpg
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/tx-37dt8f_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b326571812c0fa91583f17dc29136403309d0e32528eddb2f98dc8138a94d304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
33551
last-modified
Fri, 12 Jan 2024 21:51:53 GMT
server
cloudflare
etag
"ea7edc8da145da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=884fkYkq3ANoC4IFyTAN3QEZG6VKM97%2Fcu0lofScUS5XXz53GdEyiC18uB9qXx%2BIzxbZwrWIEhi9xjggbSlLlKySRvaMrN0vPr6DW9A1ZOX7y20rf4cKQClPNqKcwhZFb73Acmu8xlWZ0CV%2BQW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bcac5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdnmRZiABoAfvZ91sESCsS%2F5f8hBfEw6YVPcC33%2FAntQW3HTms8K8L2%2F8iXstFZ6%2F%2BLyl2E1adQB5aRPSAH4hemSobyNXYBKDJFBDRBpbNoe%2F3rn7Sk%2BYnToA5k7KUs2T1tx7PEPN7kawWV0BFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/tx-37dt8f_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531088a5b60-VIE
alt-svc
h3=":443"; ma=86400
tx-37duq0_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/tx-37duq0_t3.jpg
  • https://my.evilmilk.com/p/3/7/tx-37duq0_t3.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/tx-37duq0_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8b4cc53ccc27147b6197dc01839da3218a2d9d64033788e64c8e07a066929e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
29265
last-modified
Fri, 12 Jan 2024 22:25:19 GMT
server
cloudflare
etag
"93ffa039a645da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7pXRVnEjV0hQ3kNLb3rQp%2FwLk0Xu40DLI3bi8gMy3j3XmfwJueH%2BUKS46tl658tl5B5e1%2BaGRfCBWotClZMp43KdgMlg%2BkkQF0EpmXiiXK%2FPTQiRui1nT5XPexwmPDV1qaiOZC7dfKjRUy9Ax8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca65b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cil775pVvn1bNCxw4YSA1c35mwncstkMLcb2UpzMWWHjV0z1fjz7UByNcuOUaW5Y5AOEQRrtBLYqo9k%2FtNO3PImIT7FFzE%2FJJozOAaUGRW1XsZQQPjeq65lWNZvA%2F0wq0uHGw9C649DOjZOLAl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/tx-37duq0_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531088b5b60-VIE
alt-svc
h3=":443"; ma=86400
tx-37dwcy_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/tx-37dwcy_t3.jpg
  • https://my.evilmilk.com/p/3/7/tx-37dwcy_t3.jpg
28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/tx-37dwcy_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f62a1e2cbae75ba7f6eb6089836106c92f2417f06e6df7ff478631a9e9a13a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
28774
last-modified
Fri, 12 Jan 2024 23:02:53 GMT
server
cloudflare
etag
"df75979ab45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F2QART7OfQ%2FicC4d9c4rZGsPCZAzdW1ULQXi7ASHv5qcNB%2B3thwxrpEgh3KkF3CHKrvihVyBeP2e2wWFA0%2F6bP0JvcTtjE%2FvI%2FL100IzCcdt09D5ve9m5H2n%2BCyHGXMK2Q9JGpZ%2F70Mo%2F6icbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bc9e5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMACRBZI5kOyl7s0p2qioQRRQlFkkGEuBsxLpknhB8i4nsBfoYQMP2D6tct9AeyS31w0i023y7E0O5fyQ720m6m5RNVI1k2%2BoHREhSjUkeIu7ts4IncfKSJPcR91A%2BzdeednXvppYYTkpt5DUBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/tx-37dwcy_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531088c5b60-VIE
alt-svc
h3=":443"; ma=86400
6ix-37e1ep_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/6ix-37e1ep_t3.jpg
  • https://my.evilmilk.com/p/3/7/6ix-37e1ep_t3.jpg
27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/6ix-37e1ep_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2817631fa7e1057a016ee0be1c390648ba671f121643b3d435e6a8ee873c878f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
28063
last-modified
Sat, 13 Jan 2024 01:20:52 GMT
server
cloudflare
etag
"16da84bfbe45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJZ4YApyD8siSdU4IFlRLpT7TRlAQKlyKfI6ApJoDyLMZvInVjA9rIEt0K4AnUIPXncZEZeh1gH7mk73G7zcSzDMBH1%2F59EALyEA1vf4O3b63O4o1AM1xIVrI8TytI2CWy2L8Cre4fraqRvPZpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bc995b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wazsRb9xqI2KnLMTxvrvfCbNT9v3PHAzajvdrMcZ72%2BIDcBOSg80S4l5dBmawAFwQzTtpJij6MPF9kU1G62JNTBMJpSFNHeXlUeXbfBDhFuSD03ul2yxeGeOitTl9W1r4RTYCbrlUuisoOglYNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/6ix-37e1ep_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531088d5b60-VIE
alt-svc
h3=":443"; ma=86400
leroy1595589888_s.jpg
my.evilmilk.com/profilephotos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/leroy1595589888_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6ad9d22aa576c308831f3eb3442930bfeb34914fd91648ee70f0f340b5953fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
3029
last-modified
Fri, 24 Jul 2020 15:24:48 GMT
server
cloudflare
etag
"891a5f91ce61d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lfp9X4wE72eR%2FhQnllKuL3P9Fhps6dYz0fkMxGUq2UiuZaUHdQYQFZrFiNlLzpfVlns6Ag%2BCKbujNt5VhOCUMD8CBNkYQ85QSgra0RMUXQMmgK3vx3LrhcAjWEBbRaeztxh9SKbTOUUTbDi%2BCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc531088e5b60-VIE
743-37e4w5_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/743-37e4w5_t3.jpg
  • https://my.evilmilk.com/p/3/7/743-37e4w5_t3.jpg
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/743-37e4w5_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1961f71bfcad8a6b972671a1f5b7f4c39d5bc963a790487c649fad212c514d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
21353
last-modified
Sat, 13 Jan 2024 02:40:05 GMT
server
cloudflare
etag
"5687aad0c945da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdLdkIr4XXCwjsAbzcOOMYe50PNQ8wJwoFdQG1yl1oQo7EWL8HMng2rybtu8%2FxCE5Ks7cMQtVGn2cJwy0TGHd%2Bn9HHa948SpXeXQAXmMSfA25768Wm6QaiauqLMs2RmUhBHIgwLy4CmbPp4xhtw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca15b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4IFQsB%2Bhb7M%2F9Ho%2FmwKLz0LzWvZ4%2FY6EagK232I3xJyR7lTyvTOOxx7uLiO9SuZXrhH1ZysnzP6q5pSshskA40qtyF7KTnNBKDJpMa0H5vVdDnchiNy18Vzf%2B3yRBRIF%2Bt7NEgF1CgwKyYB%2Fg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/743-37e4w5_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108905b60-VIE
alt-svc
h3=":443"; ma=86400
evilmilk_profile_s.jpg
my.evilmilk.com/profilephotos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/evilmilk_profile_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7d856737e42b5badab19b9703fc6d38c8559ca6e473a564b1e808dcd66c2ccf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
3507
last-modified
Sun, 30 Jul 2017 21:45:39 GMT
server
cloudflare
etag
"8031f2f7d9d31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8rR%2F7yQLZF6V3H0JnKJ8%2F56xesguA4%2BHEf6Yob3qKSogHjFwiz9U0XD17UeTfoO52gzVhtYazNPn%2BnAMplWEGdEdI6i8O5FqtsAJK49U9K4BNI7nWrqGavV6lXMjX4XAEr0kmG7JBn0fE5ORvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108915b60-VIE
arx-37bkir_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/arx-37bkir_t3.jpg
  • https://my.evilmilk.com/p/3/7/arx-37bkir_t3.jpg
12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/arx-37bkir_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6db9cf077271c4f9a07b7b9f7012e4659e9deec1517f1ffff4f62c7fc8a77e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
12432
last-modified
Thu, 11 Jan 2024 14:24:02 GMT
server
cloudflare
etag
"4f6e2bd39944da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MetnqFn6z%2FaJXcfibEBfTlEaLZ7aO2tzFuWST2eSmIzeAvx1pD1DCh5uu5k3JusZ2SXEloUAfBCzsX4Me1dEKhTmFj5vcJedKzeHrM9bTtdacXTDGCEQIF88UtXcKC1lflRxkJmTwesIgM8ttgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca85b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWVn4guP9uqv%2BlRmejKqwCCygDsHSVdyerVACkBruf9i4MsQp3aSzxforFi0fvOcZo3Fi4Wlns%2FDEJNQSjLFJP182S22krLaWEcN4pP5%2BXlsf1WBTrhTu4pvB%2Fc4et3bRYfJ2NQDvMZrM0UYyYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/arx-37bkir_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108925b60-VIE
alt-svc
h3=":443"; ma=86400
hotpockets1498566690_s.jpg
my.evilmilk.com/profilephotos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/hotpockets1498566690_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f0038b8065bf716b91d469addb1c35fc056b84f9668f06fb64fdc02529dd99f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2552
last-modified
Sun, 30 Jul 2017 21:45:48 GMT
server
cloudflare
etag
"04e7c347d9d31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuggHCMxOUX7LY0i5xbjA0ml9DI%2B4hKz72MFrGsT%2BBm0T4MIBdh%2FrLW6fml9ubuxlIUiXcbOg9FGj7wG8J2adX0dXcBp0IFMYjLC3eUtfhaYv0z3CozjUIe7tLmXQQSXNfder6Ja7KuiHiyCWIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108935b60-VIE
/
services.bilsyndication.com/adv1/ 		546 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600614b8b58fe6fc371bf83071a0ca1c27823ee0171ca57d9bf8b2abd8522326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"47040a776bf0a34e9ce507c330d69a89 2024-01-08T03:16:45 v1 bilsyndication.com"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k27ARDib9FD%2BEwo7zErklKZ9fb97MlrdCWsZtezgx%2BzPy3ZXO8r8G4%2F9iatk3UMcWVzJNJY%2Fj6DrCKKamC3zeqWuhvmLN4xpvo1jo6YKFQW8t9XlojKBxfBETJRyGkURY%2FbX8Yo%2Bcdv6JcNJr6%2BSLvgA6FxGsPEsrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc52f6f329b28-FRA
alt-svc
h3=":443"; ma=86400
arr-36azg4_t3.jpg
my.evilmilk.com/p/3/6/
Redirect Chain
  • https://my.evilmilk.com/p/arr-36azg4_t3.jpg
  • https://my.evilmilk.com/p/3/6/arr-36azg4_t3.jpg
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/6/arr-36azg4_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
56a5671e5ef71f33a83c9c5431ebf89569423516200f0c89395e93a4347d27ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
19969
last-modified
Wed, 20 Dec 2023 13:24:09 GMT
server
cloudflare
etag
"1eec9bd04733da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXUqKrI%2BImhL6BPuvwSJX8a2DujYZPgoYD%2BT0wtMd2cFdhumjiIVkUai%2FyPWt9w9RUU%2BOasWKMwin%2FaldpET18ZSsAYshwlGNdGZCaXlD%2FZz4DTncdFaQbptN6ieq79LI%2BqT7%2FMmy6zglSgDZNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bc9d5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvDMdyd88O3DUIZKFq%2FY2VZOOtDn1SXe9DV%2B%2Fd8ozcIRPs1dRw49CqjnPwTnoqUK2HIk4g6uFrlqL8NK3opV%2BwevOPFYjoVspAaGAx76dRPbPp5%2F2a4n4urOTmA2%2BkCT9qkGSGgZfx%2B1z5iMFn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/6/arr-36azg4_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108955b60-VIE
alt-svc
h3=":443"; ma=86400
doodiesprinkles1497977249_s.jpg
my.evilmilk.com/profilephotos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/doodiesprinkles1497977249_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5945db634d3d5422613eede819c93d6f0da1dc900f7b8615f3ea6c8b60da0051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2837
last-modified
Sun, 30 Jul 2017 21:45:12 GMT
server
cloudflare
etag
"02471f7d9d31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btP12LQ6%2FCRGR2%2BI2GKUemxMRWSvJp4ctMf09LSDMhxxssKlYgv%2FDL7nrFZbHUe%2F9otaftyb3N9IfBBZGgDouggjBC6K3rpQYPkuWPXDYAr32ww6PUbb4cRRAd2Rc5lC6ugS8lfWLQheQJVPvlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108975b60-VIE
a1lu-3718s6_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/a1lu-3718s6_t3.jpg
  • https://my.evilmilk.com/p/3/7/a1lu-3718s6_t3.jpg
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/a1lu-3718s6_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
701ba6da6573aaa3535dc228e659e8a1587dff868e3415ff44ad44617b0e8b27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
12229
last-modified
Fri, 05 Jan 2024 13:14:02 GMT
server
cloudflare
etag
"da4856dd93fda1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OIA%2BmPz4Sfu3%2FtonnI5JSseHn7h8Hss1HIFzFKiPA6xpTS0LGyK82K%2FjYDeXeKHDevyoZxNOIIKTxZeKjC4B2NXNm2MllBiLtbDqiDhMItYHqFyQ6s%2FmwjmQT%2FYxbQ%2Fy8OLZFOOXBVJA7EXKgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca95b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l30vUlaIrONEK%2Fx6kkQvrrSgCl4fbbQvFS8fEpQdG8fUaL%2BsgUL3UIMWDljVxQtDaBqmUdrogqEZ3D5PDrXfzpVfn2DHygqRhMJvQ37WIx018m9pxF8OQ%2FYvimRZyNmvW1VBccTmt8rsDXSyFJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/a1lu-3718s6_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108985b60-VIE
alt-svc
h3=":443"; ma=86400
skank1501616853_s.jpg
my.evilmilk.com/profilephotos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/skank1501616853_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1c2439e0dc23c573dbf3706b2b9891b416ec734d92a653c55c1725484c7e1d6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2865
last-modified
Fri, 01 Feb 2019 03:33:02 GMT
server
cloudflare
etag
"fa98c4d5deb9d41:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSDI4NlIJoTWXzoIHll%2FTsF%2FyEILqiNpf9V07f06k4TgMsDUQJAJBq42GScdolBm0JqKSadB4ZqQ14NipvQVnbV%2Bve9BKJYgmlNtkWAwOvsAPSxIPwjwaaEYBaMnyNKatYCNJEk7Ncn%2B9DnuV3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108995b60-VIE
ary-3782np_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/ary-3782np_t3.jpg
  • https://my.evilmilk.com/p/3/7/ary-3782np_t3.jpg
32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/ary-3782np_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b95339db9127b9e6e5a604fcb6d8ada3de063e26b413ca22937266efa7834ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
33026
last-modified
Tue, 09 Jan 2024 13:23:57 GMT
server
cloudflare
etag
"2c535d19ff42da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n67eLdoHOh55yzGIK0kwuqWai%2BEvHxE5x6xmYgEqsr4C7tZOQP0DS66RKLoi9SOKCsJVwp69zZnc74O26VOfhESSUmH6ki4bXi5mEOA1HlTAqM55zca9xoIKNRB72seSuvMl1zezHN3xshjxUM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca55b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wc9eYKrNPuO0nqJGhBbebH9cvfrzjFJ%2Ft5Dcv3bPvobRERiAEJuFGUf4%2BopmQWb8w05UyvggDf84ae1SAXofnH23lwDxVUJK%2F6tb4wAUiqZv9d68OESm1mDEMP50VhQwGHhxapCJe%2BYh4sFvTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/ary-3782np_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531089a5b60-VIE
alt-svc
h3=":443"; ma=86400
MemeWh0re1498567774_s.jpg
my.evilmilk.com/profilephotos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/MemeWh0re1498567774_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30484ec18746a1c6b571bad1d578d07369cc3742076a0995f15ee5e6bef9658b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
3532
last-modified
Sun, 30 Jul 2017 21:46:07 GMT
server
cloudflare
etag
"8079cf3f7d9d31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fASrZeIEMKGc8Evc7rlM8l1ywrJdyZgm0eKTBMiASotCCa8HFNIxILl820lG75XTMs8rLEnWvm8aBX9jYAbpYujAXCjvsvUBQ0j0q4ZLq5HMOKkOPO7npiDh6z1vilD8SYxbi29HalxlCW%2BGj8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc531089b5b60-VIE
3p7-37dnt~_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/3p7-37dnt~_t3.jpg
  • https://my.evilmilk.com/p/3/7/3p7-37dnt~_t3.jpg
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/3p7-37dnt~_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a6532c28262d4050152327d7cb95169ee76f8ad6efad5e8a96096579852c489b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
17001
last-modified
Fri, 12 Jan 2024 19:48:03 GMT
server
cloudflare
etag
"5ef72419045da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HZFKDYTTzE66Wvzxe%2F0MbV6kK6JjeqB6tAnlxl8KzmNjFn7jozgtPxVv4Ow5c3CfGQKcZdPsbX4b6V%2FNZq%2FcnlJVTiQFGpFxfy%2B3rqfOH5wVA9mK796Y4oT4d3m5YXlWR2EGLqnktwvoMwM0cA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bcaa5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFTWcVHWQNueAIlx8tQXJn8u7ANQNkzE3mjcVrENMfTSaSTos%2B5E3cB1crO9g9NGmdg%2F8pBJJu85giR6LSjOaSANY5ILaSZj9KdSSaNd3iQ9KwodQE2TAD7L7%2Ba13c%2BEVvdxApbqIPoILV11llo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/3p7-37dnt~_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531089c5b60-VIE
alt-svc
h3=":443"; ma=86400
5bq-37dmh7_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/5bq-37dmh7_t3.jpg
  • https://my.evilmilk.com/p/3/7/5bq-37dmh7_t3.jpg
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/5bq-37dmh7_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4a27a322b62b032a45a665c6670b312af5a0da8e4951aeb9fa30f4487ff6b30a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
19037
last-modified
Fri, 12 Jan 2024 19:17:20 GMT
server
cloudflare
etag
"f65b7f78b45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGicLQZXokIvow2z%2Fgq%2B0TT%2B5Y%2FGKcszq5kBRNOMZo9YWLZFQpDA51Y%2B540FCgjXGG0XQXTwoBFsVd4VQlZob540RyUJCNX2FfhfO1UDwKIzK4q36QEo9%2FWIdNuP3xoNocmcVT5QKuF8oHj5UUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca05b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWFCEn3Y%2BVkoARkiAp21uAs%2FvpVoQI19%2FBlCmAuSprvhRye7ffYLs%2Br%2Fy1nOwyJg0Wb%2BOYI9UuBIW5BYjtlf6P91viX98pAhAVHAg06EoEEzVGDS0di4ZQzUWJ7Sjbp0YxrqXxW4KQXBodwdOp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/5bq-37dmh7_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531089d5b60-VIE
alt-svc
h3=":443"; ma=86400
wally6691560404600_s.jpg
my.evilmilk.com/profilephotos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/profilephotos/wally6691560404600_s.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c405fa8845372427cb52e0b881566d493695a754aa2c3eb599b84ffee7fac0e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
3880
last-modified
Thu, 13 Jun 2019 09:43:19 GMT
server
cloudflare
etag
"d137266fcc21d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g09XZSRBQGYIYPLpx8aozIhFXf%2FmP10UtEwLoL6hKzAKbWhuUliHarSfKz3tdyIldAPsLJ1zsvHqlnHqcQYRGwFhaEVco2IszxKDmQqU1CAiGK9xaW7fN8RAwHhi7OA%2Fw0uTbzLeIOAnRm6ZOcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc531089e5b60-VIE
headerbid.js
served-by.pixfuture.com/www/delivery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
last-modified
Fri, 29 Dec 2023 14:55:57 GMT
accept-ranges
bytes
content-length
3009
content-type
text/javascript; charset=utf-8
5bq-37dmhx_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/5bq-37dmhx_t3.jpg
  • https://my.evilmilk.com/p/3/7/5bq-37dmhx_t3.jpg
31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/5bq-37dmhx_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9e9c613469cb7df9e2e88d02ae890256c961abfb20f1d2ce6a67a7124f04d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
31368
last-modified
Fri, 12 Jan 2024 19:17:46 GMT
server
cloudflare
etag
"e6b07f68c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqusrS60tbF5Z83wbtY3Ug6KnLCCP1y4zWo2bsbzmHGUSWgLQdKtGnwAGO5mON0Tp86RtQJpiXFXJEWh%2BDtWr%2Fj3xN576y43i9CkxaWysyltH9uuceXMuXcOzK26cIkTGEoKmmFtpXhx%2BKtDlDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bc9a5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gm4KQX1k7gpo9J4P7s2Z49GpUXhxw%2F3Q3BwEliXQQ1D0vEVtjFHcOcopoTv4ERJQYbBgKTwspg03M9SHR%2B5Zy1DRjuN8nQSFiNafYIv6bPyPlqpzGC88EJtgAnk7gtxF%2BBScIdyw%2FnUIJPOaQME%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/5bq-37dmhx_t3.jpg
cache-control
max-age=18000
cf-ray
844bc531089f5b60-VIE
alt-svc
h3=":443"; ma=86400
5bq-37dmiy_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/5bq-37dmiy_t3.jpg
  • https://my.evilmilk.com/p/3/7/5bq-37dmiy_t3.jpg
33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/5bq-37dmiy_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2f28c77029d9395a196cc259994f42d5a19a051b2af574f73c08770311584960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
33923
last-modified
Fri, 12 Jan 2024 19:18:26 GMT
server
cloudflare
etag
"b2833b1e8c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMRodLIib4F5OmVSL73eyc828OI%2BS79Y28ia96qcR%2BNz4c0O3a%2FhwOX%2FkYcmbhNVapddJEig6gBwcRXRj14OI4cSDGQMCfax65OThvLMoXnl%2F8%2F9bAmzclNCT7GMrMu9Djc8dT%2F8py25m%2BDyUhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca25b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4l5zlF0eIJZqvvilweFzlh0ejowoVbRTNRZy4gcD68cp9n%2BlW1WRjWOse30yd7ryzWyOTvL3DrS6BkjhICXMuM9CcZZxAsyCCAcRqYxxUy4amWuqRvXwN8RkHORIL%2B9Mdcop5aOMM2AsqFfmyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/5bq-37dmiy_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108a15b60-VIE
alt-svc
h3=":443"; ma=86400
5bq-37dmjf_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/5bq-37dmjf_t3.jpg
  • https://my.evilmilk.com/p/3/7/5bq-37dmjf_t3.jpg
35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/5bq-37dmjf_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4c95f64414f1f198dda83b18d00bf63e030fc6fcfad0ce67992f9a3007dbd257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
35674
last-modified
Fri, 12 Jan 2024 19:18:43 GMT
server
cloudflare
etag
"c11b78288c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXpTcxsfjgyTu0AmurCSUany5LAJFKWPUDKB%2Fuk5WX%2BdoOgV5AYljeqB7s2Pak9TEUJXOp0ey15gom5DDrADRWv6nyVh%2FNk55Px%2FtRRaXlRdz9hxgVM6IX89XU1HliMWF6izTO%2BNYcwT50gbSM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534dccc5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HjNJjoIYTPG6Iw2PYYqHd1fFSSGhDu3LPkOUZQRX11AsaCquR8yHxYk7oxjO1JEvUNagZn8iHnBMoIm4ECHaRY4NL97tXIZUG2vI2hwqUCyNshugRuoXzH83%2FquMIapXl400aWhYbbsna1FS28%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/5bq-37dmjf_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108a25b60-VIE
alt-svc
h3=":443"; ma=86400
5bq-37dmjn_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/5bq-37dmjn_t3.jpg
  • https://my.evilmilk.com/p/3/7/5bq-37dmjn_t3.jpg
19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/5bq-37dmjn_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3da537c2d27593256c3ec041940b8ab87611d6ad5de7d9a61aac9fd0bee592e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
19729
last-modified
Fri, 12 Jan 2024 19:18:53 GMT
server
cloudflare
etag
"32a332e8c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmHSbXhC9o4JWyyiPz2sS4WCny6MLH9PtMfGW48s1uVEa0eecs1GL0sQ1dENpw3nJcOesk9ybuDZ8wOwCaL1jTsKSkrBUkv%2BIHikS%2F1rxRq7zmJvMzspddQa9H6DB1U%2BIzRNuewCcfXenb68340%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca45b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo9%2FwBWIlhVadrlmUv5s25X8P6%2Fjngcm7NRwrVbqIR%2BhWa5WFTFkTSlvRRjYau8h2F2AaFyfi8EsStYrjJlgaoh3ZJrrtDx0kcNmqimehdDd2tR0tHS6vdEp6xogMHdwxu78lfgd1G64bwKEY1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/5bq-37dmjn_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108a35b60-VIE
alt-svc
h3=":443"; ma=86400
5bq-37dml8_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/5bq-37dml8_t3.jpg
  • https://my.evilmilk.com/p/3/7/5bq-37dml8_t3.jpg
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/5bq-37dml8_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ceb30b70ddd0da966da095e7a99ff06fde3bf61900ab4e17cb8c302ae4735703

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
26659
last-modified
Fri, 12 Jan 2024 19:19:51 GMT
server
cloudflare
etag
"c896dc508c45da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjXVJ7ioMh70aWsyMXRxYbf9VZW%2BXsYk60GlgB3KrE71plVfLrv1JdOEPkKaCWZHgwiRYBGIcClu0ZXj7wyu3JqYSh8owkbOewr0NB%2F3SWth66D%2F76EjsFgsGqcw5QHTgwzY%2FKYrjZNApc4F30I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bca75b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeQVmnv9JeelX1jhFJKV7%2Fa8FJeELn28j82644t41%2F8I4XJuhwcGjFYkklXNAL0BZ4cNY0ai9pQn0%2Bx2D5mRazIFK%2BRw7p12Hq8MHrxppZqX%2BK5%2F4EbXt62Keb3s7GezOu6Ub5HgEFvOg4ID09M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/5bq-37dml8_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108a45b60-VIE
alt-svc
h3=":443"; ma=86400
ary-3782o6_t3.jpg
my.evilmilk.com/p/3/7/
Redirect Chain
  • https://my.evilmilk.com/p/ary-3782o6_t3.jpg
  • https://my.evilmilk.com/p/3/7/ary-3782o6_t3.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/p/3/7/ary-3782o6_t3.jpg
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1e2b0c88b4ef6a8656e08120faf038cbb19ebc3c9b1473646aebff61136dbb2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
30224
last-modified
Tue, 09 Jan 2024 13:24:02 GMT
server
cloudflare
etag
"a5d0ba1cff42da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB3O1LMg%2BGYlndYYehqfBi%2F1CVwGMClypx3%2FnIVenuSa%2BZRS4y9iBbNs%2Bc2QmfVJWT9%2BG8KulB17ew9mCePK%2FsR9o3GBpr1qVxeP0pMrfAjvedwEyEM6k4L7HelvY3F%2FvtBK6FigbIe%2BxGOTBz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc534bc9b5b60-VIE

Redirect headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COIrcG2i6ZY%2FCi9PlRt0wQe3u7KMze2xUgbX%2FGFXTOiYv9jk95PE1UzhtkNJJ8ceK1ukpZshEoLtfTtkVCud09WvsV0msrOVedyWKc%2BS%2BKdVHV9kjjUnikt%2BFSEefEHPzIYOZU1umreol0jgEJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://my.evilmilk.com/p/3/7/ary-3782o6_t3.jpg
cache-control
max-age=18000
cf-ray
844bc53108a55b60-VIE
alt-svc
h3=":443"; ma=86400
img.fetch
udmserve.net/udm/ 		1 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=15134;tid=1;dt=6;
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Sat, 13 Jan 2024 07:01:51 GMT
Connection
Keep-Alive
Content-Length
1
Content-Type
application/x-javascript
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://my.evilmilk.com/
Origin
https://my.evilmilk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10327111
x-cache
HIT, HIT
content-length
30125
x-served-by
cache-lga21971-LGA, cache-fra-eddf8230039-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705129311.916036,VS0,VE0
etag
W/"28feccc0-15283"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
189, 50812
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.evilmilk.com/
Origin
https://my.evilmilk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1053
age
3786988
cdn-cachedat
10/31/2023 19:27:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cc2f0ec56c835259c8d4acd745b59a7f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
844bc53139d80476-FRA
cdn-requestpullsuccess
True
imagesloaded.pkgd.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.2.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.2.0/imagesloaded.pkgd.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5284812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2279
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-1fb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JR7eZ%2FfzlGuBkWON1m8ST9dahBhY2J%2F%2F9jDo8Mp16tcLfdNTbImvOGubwdxOlAXPacEY3q%2Bh7XFmA56CLWIxeA5IGyKxNQOv20acoQ3G%2FMIP1gzaIKGSmRmq1daoNnSimxlfJjfuz1UcoXDIcXbsW8lG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc5310de6bb59-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
masonry.pkgd.min.js
my.evilmilk.com/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/masonry.pkgd.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 28 May 2017 16:24:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2204
etag
W/"067a5e6ced7d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBbUjR1Cx00RUwUDEikido%2B95gCNVdUFEyDyFfMxmEuYVlC95QrMDDdR5bOM1QJ3RwgzZq6yB0JGPPuhi06a84BYE%2BkWReUXaXWH58Rt0tlsR%2BpFVEcFAoCB7VDCSXBbx7ngE4V9x5LNUDFeOOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108805b60-VIE
alt-svc
h3=":443"; ma=86400
masonry.pkgd.js
cdnjs.cloudflare.com/ajax/libs/masonry/4.2.0/ 		62 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/masonry/4.2.0/masonry.pkgd.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91b57ef2ccbfbf592adda4d4f085d413008450b8552621f786d89d2d63f34a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2508799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13694
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-f699"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWo8Qjru9m6uG%2Bi2FFPO0DWJ560k2hFPUTWUpnzkO5LKnDq6qraRNQ8hLfR7inK%2FaRV3%2FaeOSAoV3MpVdOJJL9UIxPR2Pu9b4y7x6dn1Mr%2BiLCEdyi18taXlVIOmie2K76xzeAUaBDkZ5MWLOxc%2FjBVx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc5310de7bb59-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
bootstrap-notify.min.js
my.evilmilk.com/js/notify/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/notify/bootstrap-notify.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2146085c77c56d72d0ed540f3bcf8dbe969b0df5dfd6ee812d6e8f8192caef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 Oct 2018 00:33:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2204
etag
W/"0c8652ec5dd41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6jool4Dp2oSH8OOtRrU3GRFNy8b2f%2B%2B82U%2Fdb88EejkxgUiWiJBaKsxu6m%2BvivBqT98N%2FkX8nazZRVS33giX6emMyBQqkNrGIihHpTREK9uFVq%2FcDiLclUARUPWV3bhUNFjqrUWra0pyYhkH8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108815b60-VIE
alt-svc
h3=":443"; ma=86400
jquery-ias.min.js
my.evilmilk.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/jquery-ias.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
07ee1a015ae900ca77e929037a577632e3ff5b40b9fe643acab2bf0c8a06cc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Jun 2017 18:33:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2204
etag
W/"80fa72302aded21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3KgRa4IXu%2BfLv%2BoiRdR7uMDa1H8ODTXQoF4a%2BbPy3JdHcJDLXwRJu2kIkVn9DwR8jL5qC5lXLkcx7UowCmKOrFc6uU3pKnQSkZM4s2o9MtPCP3h6ruCe6JhZI21e8P41obN9tgqarxcJjCi7wg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108825b60-VIE
alt-svc
h3=":443"; ma=86400
common.js
my.evilmilk.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/common.js?11302020b
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c7c8fb30a25d83d934203ecd30e99d189a3905e3d2cddea0ff4c2d67c42f08a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
cf-polished
origSize=9144
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Nov 2020 18:44:52 GMT
server
cloudflare
etag
W/"7736d4e348c7d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3atEczIB2OpbHRzAZVMikL6CWuWavRA4JyxCHn3znUo%2B7z0LBn93sD%2BVV7nQPvHU9Ir2ZJiAQi7usAyPijI9B7%2BhIgRn3BppxWevSPs3SI%2F9fr9XYnLXkRQdvGwmVqc9Vu%2BhrEf0%2FqPedgoksk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108835b60-VIE
sticky-kit.min.js
my.evilmilk.com/js/sticky-kit-master/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/sticky-kit-master/sticky-kit.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bee29a32ea5a0206cd8e7afa157bf0a170e907a44426f50e508bd33ede61fd15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2017 15:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2204
etag
W/"80799db66aebd21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eRzEPmiW1F9RpBE%2BN1zk9N4rSL9VA%2F2ZxFxot5JO8ip7ck%2FDsisphuhb3kjT2u1sByBOw9bQ3ZacWzl3GbC0A8ndAQ3qpoNMpR8Wwuop2Yw%2FJy86lTnZdZdrDIh01G9ENbS1i8lKW6YOm%2Fidws%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108845b60-VIE
alt-svc
h3=":443"; ma=86400
jquery.sticky-kit.min.js
cdn.jsdelivr.net/jquery.sticky-kit/1.1.2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.sticky-kit/1.1.2/jquery.sticky-kit.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6239516
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220021-FRA
server
cloudflare
etag
W/"aee-kVBNCzyWRgKHiIAgSnrLffO3wvQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5v%2BmjMeaTKAiAjhRQ2ji0U0YnHMEj1KjDEGc2q%2FROsHj%2Bj8zvi2VF33M1ZZL3Qo5SJkwJaJVlQQM9%2FUHJD94wzbYl%2FeqEeeU0jKJK%2BtRtI4%2F8mNuKVLyXx7sZWaCLm%2BUDFfVujFghbdtjniqr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
844bc5313dbb37e6-FRA
hammer.min.js
cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/hammer.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5379333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6561
last-modified
Mon, 04 May 2020 16:10:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e72-511d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVKLaJPK6MNqNOIxvoy5NiWBC0L9eYL9db86X4KgqFj%2BxpI5yH1NhQpavwAahALzeigspzo7YfRoSPEzUqOc7uptDK3gwEOlvMHhSFrr7i5NAa0yPn3Gi9x9oqmBpKkOvGDgbec%2BLaSF0kiYARLYOcYJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc5310de8bb59-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
jquery.touchSwipe.js
cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.18/ 		76 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.18/jquery.touchSwipe.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28abfafb6d54becd3119c72fada9c7dff45a52fcfb376e248426e95ba95e179a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3726737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14362
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-131e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZlHE2TqPXYV355vy7eV4zzybLWIhV3dBWsc9Uq0jpHOIj3vsdks5v0qfvjYZelsyMfRhULeX738E9fyco1%2BHKjoebhprHhdnaGu0UD7h1n02v7YIp2XoiYRxH90EuZo8sOr3IGyZ2cHWzfCd%2FFYoMwk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc5310de9bb59-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
jquery.touchSwipe.min.js
my.evilmilk.com/js/touchswipe/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/touchswipe/jquery.touchSwipe.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2017 16:51:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2204
etag
W/"8072c12178f6d21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCdC6aAUBkpsu4juPYCI%2F9NSmYhgyh9dtpJWqHubBsHhAPqy2srVTRpVekFiSjDrSuBBfeJxp31p%2FAKKdihsx1i4sal7amQB0b2BKPWZtKvA4ibIasx3X%2BZDbBohKsFwa5f0gwv6GWYIXmLUa%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108865b60-VIE
alt-svc
h3=":443"; ma=86400
alerts.js
my.evilmilk.com/js/ 		541 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/js/alerts.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4153caed177a1910fb45b3cc71386e8e8e9b95f691b19f043431f9d518f2d025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
cf-polished
origSize=706
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 17 Aug 2017 18:21:01 GMT
server
cloudflare
etag
W/"80644c948517d31:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BRe1LNICG%2BdzCQtF95HNvTMITH28V%2FJdakbC7%2F7SihJEZ00eFTSVThiub7XmHPYx7Z%2Bhg2gvNEQPoVIgtF3HjIYILlRS%2FEJwe7OwRALVawSlJnmA1pulr865FQe3nw36sAGRE21jtOPPQZ3BA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=18000
cf-ray
844bc53108875b60-VIE
videojs-ie8.min.js
vjs.zencdn.net/ie8/1.1.2/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/ie8/1.1.2/videojs-ie8.min.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230050-FRA
date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2016 20:27:09 GMT
etag
"2ff9bb22f0b1789ac170247b0825488f"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
8924
x-cache-hits
15729
video.js
vjs.zencdn.net/6.6.3/ 		692 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/6.6.3/video.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c91929d763dbd98a0f92f6900610101c27d9eba6fa0d2ee56b3a073fbebf8414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230050-FRA
date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2018 19:07:51 GMT
etag
"cf96d5421663a030ab7a9eb4db2e9be0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
161015
x-cache-hits
1
Youtube.js
cdnjs.cloudflare.com/ajax/libs/videojs-youtube/2.4.1/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-youtube/2.4.1/Youtube.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea194381d10da9e90de21735b51cbc6c898896323977a34fb53d55a4842a4c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1374799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4607
last-modified
Mon, 04 May 2020 16:17:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04024-52fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0UD%2BbxKTsq%2FRjuPiDgPvjSaO7i67HJfxlwLe6OCVWbEU97znUAiaFVFtbHXGq8134mFhWArr%2BnbtZF11aIuWOO%2FFUnP8C3TTOWeIAQ1zXrSCmcQRocKxEdCnoYlwP4BWpoMjP04A%2B72ZQLwb62S3viE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc5310decbb59-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-102658320-1
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85d08c423d7b1693b88b86b53469bbfec779306a33f190fe2311d065974016a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69333
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jan 2024 07:01:50 GMT
evilmilk-logo.png
www.evilmilk.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.evilmilk.com/images/evilmilk-logo.png
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c35ad3146982cd844183dcfdaf0e11d48b88b198d49af3c2dcaa753df654a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3187
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
21200
last-modified
Tue, 11 Sep 2018 23:52:14 GMT
server
cloudflare
etag
"0ba2762a4ad41:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6i766DLztpYPZVt9rFB%2FazNBy1oSuscRt46BkSH9OTP8nXqUCHpqR6oKRXXsyViQXdXvu%2BYtUXxionyoIJqxDHgHGXzzlLfNUM11P9tpjBJTOY7wdwuT4GUSRzBrB44GiWDc11lrzMbvy6hYKHq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=120
accept-ranges
bytes
cf-ray
844bc5315cebc2af-VIE
count.js
evilmilk.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://evilmilk.disqus.com/count.js
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
35
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 02 Jan 2024 14:37:25 GMT
Server
nginx
ETag
"65941fa5-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
Pl_V38_XD4Ct4UvT569BhBLfdYFv1lNEZBsbmeRt1gIo5dva2w_E7w==
css
fonts.googleapis.com/ 		4 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 07:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 05:25:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 07:01:50 GMT
dark-mosaic.png
my.evilmilk.com/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/img/dark-mosaic.png
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/css/evilmilk2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0f6f0ed6c96f379c1cee89709cbf240aa4f02eaea0d993b2cf46cfd51b701f34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/css/evilmilk2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
10563
last-modified
Sun, 28 May 2017 15:35:37 GMT
server
cloudflare
etag
"806aacdc8d7d21:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15VmGQaaVwAFiZaUMCGx0ogOKheXhkIVfA3IyASqxD8KEHA0ZZRqVu%2BMFLVVL04e4hWXzhTYqTz4QKJrTKZLsRFzW05W4CtnxLJc9N%2B1CQavdWGstXzda93lNEhUkEs98Q0f6dh2qVSQhGv%2FGaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108a65b60-VIE
black-felt.png
my.evilmilk.com/img/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/img/black-felt.png
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/css/evilmilk2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ffe970a04c609cdda0d904680efb91b3d434417c1ab4489f8cc5fccba2275bf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/css/evilmilk2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
56237
last-modified
Sun, 28 May 2017 15:31:56 GMT
server
cloudflare
etag
"07ef289c7d7d21:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG6Mib%2B1iKTdS7PU76td4XFHwAyDKXdr1F7vU1bl1S4FjTx8PLngBBERuTkOu863pMAuem0yNw7aSq%2BU3Um8xCC8hfE6%2F24%2FZxxEPiN%2FwHqlzu9sroOP57mxD1zK53qHJZr1DLds7p52AW8xUj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108a75b60-VIE
hr-11.png
my.evilmilk.com/img/ 		962 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.evilmilk.com/img/hr-11.png
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/css/common2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90846c04444111ad8310e91c11a10a38c22fa80989242696185506342ce989c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/css/common2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
962
last-modified
Mon, 29 May 2017 03:28:36 GMT
server
cloudflare
etag
"0caf1a72bd8d21:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOzbGC8K8Q7PT7v2v5RKu0deEh5%2Bc0lGCEtzdXWXGw3FQlUcXlRSxj3iHaq4drlKnVdvSulo44lJ57BiCJaZByFydNYBag8J2SMjz7o%2FWph4iMdR8TM7K%2B08zakeMgAFTb3prTZQ4rH28N52k%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108a85b60-VIE
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://my.evilmilk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2019888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3HG9FA4YjTJrbYr4zlskQr5TZw3qAWwAzDqd1pZYKNbXwJ%2BMG6%2BmDTaGcFhhN6%2F%2BFjDuWoTQ0DDI5MGbaT9tf3Jk7jCCVAbEJku6RwfKW25lOs0i16Z%2BLyCrzVx04L9nkuW84zFYTiVHVK%2FklBZ%2FTQw"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
844bc5310a4f2c04-FRA
expires
Thu, 02 Jan 2025 07:01:50 GMT
glyphicons-halflings-regular.woff2
my.evilmilk.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.evilmilk.com/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://my.evilmilk.com/css/bootstrap.min.css
Origin
https://my.evilmilk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2204
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
18028
last-modified
Wed, 22 Mar 2017 17:37:26 GMT
server
cloudflare
etag
"0f80f832a3d21:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKUDpeKRltquxmW6V9lPJI7%2F%2F4ZXfuW8h84tKk1CS3zKeBHVBttbxLlIogoSjRVUhdUPLegmEj2PVaz0DBYiPsueY8xJsJ1MFCB0cWRJr%2F2KM%2F9XoDC0EnnwDVa7D2DjympaQxwLwSs2uv1Dm4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=18000
accept-ranges
bytes
cf-ray
844bc53108a95b60-VIE
47040a776bf0a34e9ce507c330d69a89.json
services.bilsyndication.com/cli/ 		42 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/cli/47040a776bf0a34e9ce507c330d69a89.json?hn=https://my.evilmilk.com
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ad6fb86ed4fd4fe930b5da17901f0f643579558b07022372d4758ba68c16e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
42
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iAdNlVUYFDdEeBqfCbjgapZKBfWueWOcX0h2FazPZRIfZWXJVw1hqctFglNGlbqU0Bqw1MF0RyGO5WjOygSfP%2F5qji8AFgnH%2FUCW30iTH0zka8lgXEELwGx6ciFQFqkdq2hUF1uqv22e2WOG26xJg2V0kWyTYp%2BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc5337ab68fe3-FRA
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_v2.js
cdn.pixfuture.com/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929f0951169f5f8aeda75cc244a601b1e5621f503134d01001b04b9fa4e96fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129623
cf-bgj
minify
last-modified
Tue, 09 Jan 2024 18:51:19 GMT
server
cloudflare
etag
W/"659d95a7-d89b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0fbTi%2F0JbEMKdt%2FYLweqH%2BzXg4H%2FPxa9rn57NOa%2B8F3Ed3ZoR64e0ljXga3IFg6Q3f%2BHsN5ba%2BFbuU0QnfoIbEfuCEdT6o%2Ff4NIeIgEgShY1yyPGigvbGlR8hXDsD91y0C2I0Dpq9EY4WobSo0V"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
844bc533ce69997b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 19:01:17 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/videojs-youtube/2.4.1/Youtube.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 13 Jan 2024 07:01:51 GMT
count-data.js
evilmilk.disqus.com/ 		855 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://evilmilk.disqus.com/count-data.js?2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F3p7-37dnt~.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F5bq-37dmh7.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F5bq-37dmhx.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F5bq-37dmiy.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F5bq-37dmjf.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F5bq-37dmjn.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F5bq-37dml8.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F6ix-37e1ep.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2F743-37e4w5.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Fa1lu-3718s6.htm
Requested by
Host: evilmilk.disqus.com
URL: https://evilmilk.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e4bafeaaf68a33a482c778ea55adaa9a4e4203b9210ba4c5dc0755c2094b2e65
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:51 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
26
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
855
X-XSS-Protection
1; mode=block
count-data.js
evilmilk.disqus.com/ 		848 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://evilmilk.disqus.com/count-data.js?2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Farr-36azg4.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Farx-37bkir.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Fary-3782np.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Fary-3782o6.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Ftx-37dqz6.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Ftx-37drjt.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Ftx-37drlp.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Ftx-37dt8f.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Ftx-37duq0.htm&2=http%3A%2F%2Fmy.evilmilk.com%2Fgo%2Ftx-37dwcy.htm
Requested by
Host: evilmilk.disqus.com
URL: https://evilmilk.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2934ed07214f8ef5ea11ac6b6c34d56eef6b55b5b180c0fc879ea212df8e7b25
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:51 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
26
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
848
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BRN37S9T9Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102658320-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
910590bacce75ce181cd30d2921291d16a6fb427893d872fcad81d8f99b5cbb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86118
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 07:01:51 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102658320-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jan 2024 05:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4417
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jan 2024 07:48:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71ac4b75bcb81fd768623217446af6a11740fb2af42b398079b56714304007e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29772
x-xss-protection
0
server
cafe
etag
523 / 19735 / 31080365 / config-hash: 6457213104751266546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 07:01:51 GMT
pbix.js
cdn.pixfuture.com/ 		396 KB
397 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129606
cf-polished
origSize=406706
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 19:53:47 GMT
server
cloudflare
etag
W/"63c99fcb-634b2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aSfSQ%2FhuIiAfxJ39sEmh7yA9U7tWeu4IKtgskPKmDBEqwFMQWWDwurIgsG4AQ8u8A%2BxKUS%2FTtlHWUIM0nqQV9Uy6yntmtShFD0s07PvZMJb9Sgm0CW8ofkoz5tbrwFQ%2FXPbaO%2BRP6JS%2BlVqzeSZ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
844bc533fe91997b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 19:01:18 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame 9FA9 		925 B
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1331692111a2b6ace14bf6135b4dd9acb114819bff767f17e4f2a1327fdd03

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
844bc533fe96997b-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:51 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJe8YVrlxqZcC7ZIvQzW10TZ5D5Yl%2BbK5feF5uQCrNlo72hcyb63XVD06OIppnf%2FS5%2Buvg3KQVGoqiUuW675rC5oLx6C9aeRRn%2BjvyKRJlSUrESbAWbBOQHdpXv6NlnAO6Hsa%2FgbCp52FlpUNWzx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.134.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-134-82.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=4052x300x250x790x_ADSLOT11&keywords=myevilmilk,even,evil,milk&refUrl=&refresh=false&innerWidth=1600&cb=1705129311355
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
91130b4fb4e0abb4c17cada5bb77da991abdf8c682aabd6fa25a56484a5850aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=891281267&t=pageview&_s=1&dl=https%3A%2F%2Fmy.evilmilk.com%2F&ul=en-us&de=UTF-8&dt=My.Evilmilk%20%7C%20An%20even%20more%20evil%20milk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1484779054&gjid=1467408755&cid=2014607481.1705129311&tid=UA-102658320-1&_gid=1960660214.1705129311&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1887966959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
34265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68600
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 02:46:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Jan 2025 21:30:46 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BRN37S9T9Y&gtm=45je41a0v9118426823&_p=1705129311306&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2014607481.1705129311&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705129311&sct=1&seg=0&dl=https%3A%2F%2Fmy.evilmilk.com%2F&dt=My.Evilmilk%20%7C%20An%20even%20more%20evil%20milk&en=page_view&_fv=1&_ss=1&tfd=2432
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BRN37S9T9Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.bilsyndication.com/vld/1705122185/ 		12 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/vld/1705122185/vl.json?page_url=https%3A%2F%2Fmy.evilmilk.com%2F
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Jan 2024 07:01:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPkmdLbTRw3Nw79qErZ3YDG8Do%2BzC5bBJEBZ1tqVwtaaqMcMNeRI3SO2Z9LJIWM840J722o985l7yNip9A3vFLxt4cUkHq3Qf5TS2ZwtgDUFzeTJHSZM92mSaQff1r%2FGSgG8e2YzwUkkBP5DLUC6OnWEGb0wKtbkVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc5344b0f8fe3-FRA
content-length
12
alt-svc
h3=":443"; ma=86400
47040a776bf0a34e9ce507c330d69a89.json
services.bilsyndication.com/obj/1705122185/ 		39 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/obj/1705122185/47040a776bf0a34e9ce507c330d69a89.json?cc=DE&hn=https://my.evilmilk.com
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f70fa61f7988f838d92697ead1485b2d2c0eb4c6282216aa717b829fe5affb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 13 Jan 2024 07:01:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDwro3tuZGVaUaymChlEB4TCBGIltx4uBSAHqGB0puysEgDtOzGEKRcqsC1GI3r4x4sx%2FGQqFx5roKnekL6V3GBMHENoK%2FvUOKHUUeadrjL5aJTG6r%2FZjVzjwfjDWetehN0fctsNk9nVuw4M9620AlYLGMqqXgpCBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc5344b108fe3-FRA
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/ 		437 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080365
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:31:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
52206
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140670
x-xss-protection
0
server
cafe
etag
10621281385585276585
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:31:45 GMT
choice.js
cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V3
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c696e0b058138e41157ab0a7fdea44a11fddfa5235c6ac81a84aaf4ed931b1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:20 GMT
content-encoding
br
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 20:16:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
33
x-amz-server-side-encryption
AES256
etag
W/"d4ae11d37c865a7c5762948a6025968c"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
SP0LjYqJAPYl9OUDf_dQNCr6hcltVrmLtM2S1KEMD3Uz0WlA6dUKug==
prebid-8.30.0.js
s3.bilsyndication.com/vli-assets/prebid/default/ 		627 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4c7a219afd706285884c6ccf2ea6e5e45334c11110fa00867a0401ac328147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
ae08829c-fca7-42b2-9df6-f667bac2c9d0
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
17A76D3EACC332B6
age
678212
cf-polished
origSize=643246
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 05 Jan 2024 10:37:22 GMT
server
cloudflare
etag
W/"74a4dfa05f04583c9ad24ccee3805e13"
vary
Accept-Encoding, Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3e6pCNfUaYzXNUR6vj6Vf%2FWi5o2Z140GKdRLjTqWTwC3NlTvj5HkAWsZG8G%2FFNg6OZxoXqt%2Bbk4yf8F%2Frs%2FcDDnn0wQ%2B6eKjtTaFqeK%2Bkz340QAgMoK0rZPC62ikjjKqh7WtkFuGqwnZT7FdCAu1WAhcqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
844bc5355b6e9b28-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efaf4ad41f657cd1dc07408a59160cafa496db36c8ed259bff15ab87d80643d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131541
x-xss-protection
0
expires
Sat, 13 Jan 2024 07:01:51 GMT
sf_host.min.js
s3.bilsyndication.com/vli-assets/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.bilsyndication.com/vli-assets/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
3719e857-24af-48f6-94aa-43f986411778
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
x-amz-request-id
17A057E56E2A9753
age
2672009
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 07:19:33 GMT
server
cloudflare
etag
W/"70e454e451af63d76af1fc5b9b2ce1e4"
vary
Accept-Encoding, Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ9%2FgMKiodA1GjJPvweu8kowJanQZ2zUq%2B49p5KJDWVEyYpDdtm9xMu7sO9HvTZZ7dXQQhW%2FWRd8%2F%2F%2FgmPEeVxQDY%2BRsUhAijVYYa9fiWuCfe%2ByNdNqAxHkTKQ8%2BjOB09DYcLyVHanUKogBjJC58Dzez5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
844bc5355b6f9b28-FRA
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:21:10 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2442
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dGPp49MIml_QgKOGq1HcnNCoBZd_z7sThVqkpGpDGz73YkxnQMi1Iw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 08:57:26 GMT
x-amz-cf-pop
FRA56-C2
age
79466
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
iAcxRWpaG7OT8PVKhARtatfLmrppkPi299y12lUwVHYDoGe-8749Lg==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmy.evilmilk.com%2F&domain=my.evilmilk.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://my.evilmilk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 13 Jan 2024 07:01:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
250998
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmy.evilmilk.com%2F&domain=my.evilmilk.com&cw=1&lsw=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
233005
expires
0
f
fid.agkn.com/ 		0
0
prebid
id5-sync.com/api/config/ 		135 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
539b9d041edf0a45679726348ec83c71667634d400cd5e574ec97e2530b0d009

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://my.evilmilk.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 12 Feb 2024 07:01:51 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578847%2C27578847&remove=27578847&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
an-x-request-uuid
e90fcf09-e112-47a1-a370-1fedd67a1fde
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
an-x-request-uuid
eea9a686-2d20-4d23-899b-9e9e6c72c165
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
9cf0c4f1-7630-476b-9141-f4472e005192
config.aps.amazon-adsystem.com/configs/ 		564 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
63b57f1c807cff36d05a0cc7f364cf39cb6a00aa0769f35ed051c71e5519e804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:17:53 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2638
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
ZINB_ItBdNPf7DMPV6SiRNyvIQIGQSc0FAAs1A-cburyxI404SR8og==
config
c.amazon-adsystem.com/cdn/prod/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmy.evilmilk.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-213.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:39:47 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
8523
x-cache
Hit from cloudfront
access-control-allow-origin
https://my.evilmilk.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
nRt7__Dl8FbBGjVkMXZ-HD3K7StX5SwTNbL21Vet88t0j5oMSYxtwQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240113
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957ef24c41a21492f8e4bf181bbd2c011c0e290ecf151ab657810d8bd0d6994d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10859
x-jsd-version
1.0.1933
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21968-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-DzX4DcAumvx0/O5n9pH3A6x2HUU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSP72sGWiNVPxfX%2B3K8kLCoJ1KpcQHByEy8R%2FnNsWk35QUAqSfnjNtt97BRARKTWxcQ3cWQg1O7r18blyQFEcb83mSfvLFVxEAuTIK3EBUUnVGhARzsdwQ%2FNVJCL7BtiuJFGTCv%2F99auHpkBxe4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
844bc535eaa69bd6-FRA
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYZUZRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgfRzdNBYUyBByP-yKwP-PyZM-qMYy-qwaUwarwZtUyRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNARmNUKYMRleNplR_yszuNyqslt
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Jan 2024 07:01:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgmWAaLCs3RhA9GhnXDeXNmDb5yEuemIl6S3ACpJKCTL%2Faru10tjBYlcQtMmCaT711vbbhxuHvcpygFQPkB6moTS8AkTuf6o2eETr9gf8SxFHTP7IRfp2rjGoBRGDTBJYMF1DUIkJpdIcoYDbDEoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc5363f223cfe-CDG
content-length
0
alt-svc
h3=":443"; ma=86400
cmp2.js
cmp.inmobi.com/tcfv2/ 		158 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:04:02 GMT
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3470
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Dec 2023 23:27:11 GMT
server
AmazonS3
etag
W/"50f82c7ed55d2acc412a5ede5e7b40f6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
mnK6t2WBqW2nulZV7-mDH-QrhdwCVnua12DlTe14MsgRiG75osXzjw==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
6aa590adf31b123565c39e5d856cf28cdf30f5d9aa6306330ff29f3aa409920e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d15d797a944132c825a29ee8119ae1ddc689d61c7e3b403120bdd50a491a875

Request headers

Accept
application/json, text/plain, */*
Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 03:00:44 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
14467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 13 Jan 2024 03:00:42 GMT
server
AmazonS3
etag
W/"b847650a18e2c0f968141f0334adea6d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
fe-sj29pq8DoMM0KkAKKk-GNfUKSKdj_KHUjM5vwJDTnd_yQL36heg==
cmp2ui-en.js
cmp.inmobi.com/tcfv2/50/ 		279 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:03:56 GMT
content-encoding
br
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
28676
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 06 Dec 2023 23:27:04 GMT
server
AmazonS3
etag
W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
ASIVG_2xWW6BmOv86s-Mhxj6CmM7v_8V_8NO8xPOtHv6VDvuube3Kg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmy.evilmilk.com%2F&pid=g1Ay7pZ7w913d&cb=0&ws=1600x1200&v=23.1211.1645&t=1000&slots=%5B%7B%22sd%22%3A%22vi_25656728_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A6728%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C358%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-47-29.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9938d2bc2f9fab06207e42238c10bb32.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P9
x-amz-rid
7GDETJ8W6BRZ1PV17DAG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://my.evilmilk.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
bIZZf_hSZxYFVFjRfCBD9dbtGoE8paxqDbXIKR8RCTq1oP_sWPsdeA==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		557 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6fc04ca30e860c73b8207220bdf0757c08de38ad5f84ffa9662bf24e5392292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:03:57 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
28675
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 Jan 2024 23:59:20 GMT
server
AmazonS3
etag
W/"fdd79fbb592646544f0346fdab9aaa91"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
3zbmMa11MLCMB6M5vt6chghVYKPG9ZPZBuPPsdbYCRoeGxp1td8GnQ==
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		142 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce31d9147aeedb8d7b68926c635c88287c12ebd6a2ce5509b58c796d923c5042

Request headers

Accept
application/json, text/plain, */*
Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 03:00:27 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
14485
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 13 Jan 2024 03:00:25 GMT
server
AmazonS3
etag
W/"a492f89add04b92db1d8316660e8b8ec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
s9Y9lqqnifjHC1_O4kEK1kZ0uoBTvDllb7PdqUg5XPZVLHuUlOimEQ==
529.json
id5-sync.com/g/v2/ 		251 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
06a00ca3c896dccbfb0dd1ee8d9211b8ea77bd92fb6359dc79631973133f39c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
api.cmp.inmobi.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22pCNAReJk6bG2R%22%2C%22domain%22%3A%22my.evilmilk.com%22%2C%22publisher%22%3A%22Privacy%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22DP8daxmOht%2FITpweldSUng%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1705129311738%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-xq0ss3dj6w3d6i21l65r%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.88.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-88-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Jan 2024 07:01:51 GMT
content-length
2
content-type
text/plain; charset=utf-8
cookie_sync
prebidserver.pixfuture.com/ 		792 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a61544bf1f5f6c8aaf3930d0f753c2247791c5bf0941c359573673da05b68ce8

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
792
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		175 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
fd05441bcafb46a68769a87051c8c63495fe8bee66612b37300e804aeb94aa74

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
/
ghb.adtelligent.com/v2/auction/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
dc0b056369f902839f460699d62209a33bd95fd3b624660960ea7aa798b47875

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Jan 2024 07:01:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://my.evilmilk.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
912
imp
g2.gumgum.com/hbid/ 		358 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1705129311787&to=-60&aun=4052x300x250x790x_ADSLOT11&id5id=0&pubcid=d382c8a6-ad68-4cae-8b1b-9c55f06f87a8&t=ticcez29&pi=3&maxw=300&maxh=250&si=28489&bf=300x250&schain=1.0%2C1!pixfuture.com%2C790%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fmy.evilmilk.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.16.0-pre%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f3323bb70bcd56b6f14d58f49d38adfc82ecd5bffef935214bcc242289e419ff

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 9FA9 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
844bc536de1892b4-FRA
rum
cdn.pixfuture.com/cdn-cgi/ Frame 9FA9 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
844bc53738af997b-FRA
/
ads.us.e-planning.net/uspd/1/ Frame 016F
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
7856a93722a98a3e36c028cf476b591676f4016e02398c816bb46a6ea87d5fdf

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
Sat, 13 Jan 2024 07:01:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sat, 13 Jan 2024 07:01:52 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
pxft_iel.js
cdn.pixfuture.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pxft_iel.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129635
cf-bgj
minify
last-modified
Fri, 09 Dec 2022 15:37:52 GMT
server
cloudflare
etag
W/"63935650-139c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOMxeivF1wkZSsq4RxMxEQii4sE0U8UBFSnGgSs8DevhmKS7MfJc80MKqSh4lOifbcTJArQvCv8738d5jItU7iIhxWZaePrIjMbBKg7GGo0YYVdpJjdh1qMMTIXP%2B%2BWWs7BQv0BFNPWWSZxFR7JQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
844bc5389988997b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 19:01:16 GMT
tag.min.js
get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
0Wki3095rBiC8xDP56.qUYf2JNRTRIn7
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
date
Sat, 13 Jan 2024 04:07:55 GMT
last-modified
Mon, 07 Nov 2022 19:46:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
10438
etag
W/"34bbd675e8b425becff971d5a4756c10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
hmD7CCM6EkgVZQwUhtFG7DLD8qttjhxcZ6C9QmeqdeI4ODws-Q4nzg==
300x250.gif
cdn.pixfuture.com/banners/ Frame 988A 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/banners/300x250.gif
Requested by
Host: my.evilmilk.com
URL: https://my.evilmilk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40b9489c2730f2416282d63141e3a5f1a4a1c87df05d7c3095d5dfdf784c1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129634
content-length
210847
last-modified
Fri, 01 Sep 2023 13:59:06 GMT
server
cloudflare
etag
"64f1ee2a-3379f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXBH2fRRWcuVo5nPoF%2FQwlDkn%2FT0ujkG%2B82ooh4eaTffOhKaxgJqTnIHk04FCJzxpDF6LOLVaHr6L%2F7FdrnFiDhvG83w4v8Zhssti6L6IYj5eAoeWnNoPQ64XTyRssNpbvV3KYxRo%2BqzL7wdQrOR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
844bc538998a997b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 19:01:17 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
pbs.gif
sync.admanmedia.com/ Frame 016F 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D96503f28aa14c8a3%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:56 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 016F 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 11 Jan 2029 07:01:51 GMT
um
u-ams03.e-planning.net/ Frame 016F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D96503f28aa14c8a3%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=96503f28aa14c8a3&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=96503f28aa14c8a3&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:52 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=96503f28aa14c8a3&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 016F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.3.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
us
sync.go.sonobi.com/ Frame 016F 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D96503f28aa14c8a3%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-132
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 016F 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D96503f28aa14c8a3%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 016F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D96503f28aa14c8a3%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96503f28aa14c8a3&uid=5293967234649900053
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96503f28aa14c8a3&uid=5293967234649900053
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:52 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
an-x-request-uuid
36d8aab5-26a2-4f53-87d1-6163443171dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=96503f28aa14c8a3&uid=5293967234649900053
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 016F
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=96503f28aa14c8a3
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=96503f28aa14c8a3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=96503f28aa14c8a3
date
Sat, 13 Jan 2024 07:01:52 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 016F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
um
sync.e-planning.net/ Frame 016F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning&zcc=1&cb=1705129312205
  • https://ad.turn.com/r/cs?pid=45&rndcb=8012829588
  • https://sync.1rx.io/usersync/turn/4253344833156873496?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-fee4c498-26c0-4562-a673-199d9cd49ec3-003%26dc%3Dfc74...
  • https://sync.e-planning.net/um?uid=RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003&dc=fc741bbdfeedcd57&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003&dc=fc741bbdfeedcd57&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:52 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003&dc=fc741bbdfeedcd57&iss=1
date
Sat, 13 Jan 2024 07:01:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfee4c49826c04562a673199d9cd49ec3003
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A06F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96503f28aa14c8a3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73321
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
Sun, 14 Jan 2024 03:23:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame B223
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
2 KB
829 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0180db13d4fc850a29340c6fb44a88835ee41f48c71f0f4e543785574fa954

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
844bc53948555b62-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkYLr1uE8brAirwcEeTIQT98e50ZjSt4DgfUzsF67m4Y1rM5uP0nKzyOVmXBW06%2FsTdVBtjLm28zl%2FtyhC8co6t%2FmavjLYZ08l1Fg24lmY3i0Loo2KnCsQAKgSrAW5ikPgc6wzx9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
844bc539184a5b62-FRA
content-length
0
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWRMdsdxFaTPn71jSnUZJbstkzEs8GwbpWai59PE0sqoaUi7a9NQFSiHb9dAKbkL6zliRHMqdf%2BqLVebMt1AWVdnaEoCGzgn9cvezG%2BRd6mzblKdRkh9GYfOrcPyAx3taGzS%2Bm1r"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
spl.zeotap.com/ Frame 1A5F 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f198f397655c940f8574a164704eb3a27a7314623656d57f0db435292441efd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
844bc5391f5b2c65-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:52 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 10:43:45 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
age
73087
x-amzn-requestid
88e45915-2e49-4049-b856-61df5e0bba71
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
RbCrNF18iYcEWwg=
content-length
555
x-amz-cf-id
L004GdDvJaIrIvKmcwa0Ig7mXDaDWeBQGTNfw2LITu2oCdpp4unfrQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date
Sat, 13 Jan 2024 04:39:14 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
8559
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Qnf2gZnw9aV5I-_uAhC53qCsZPBjMpicJEi0slvnEiaMHXX1IA1ogQ==
%2F
signal-segments.s-onetag.com/desktop/my.evilmilk.com/ 		0
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/my.evilmilk.com/%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-123.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
0
apigw-requestid
Rd1HFie1CYcEJmg=
x-amz-cf-id
mVgMGMZm18O3ZIJF1G5yvbal46PTv4cFLnUu2Hue681Lk7UNGXXpxw==
my.evilmilk.com
signal-segments.s-onetag.com/desktop/ 		0
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/my.evilmilk.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-123.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:46:52 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
900
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
0
apigw-requestid
Rdy6ih74iYcEJ2Q=
x-amz-cf-id
g3tWwnpLQOEqTViL3gLFJvsPwxXkkMZCd1eTWnrmjC1P2ADazwk2yg==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.evilmilk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://my.evilmilk.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 13 Jan 2024 07:01:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.evilmilk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://my.evilmilk.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 13 Jan 2024 07:01:52 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:52 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1227332
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n1HulrMhzT3MZB9q2avoYMBEp%2Fw63l96fQ6lWSq8XDQn8UkP0oe1nsaDT%2FW3DomjBpkiamoFQmRmF%2BT2xJOI%2FKtdFVyP%2Ftb3FuL9HCgUbd%2BkUHh1ZklOAXsFlUti06Od4zAbZwtmAGi22P5"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
844bc5394f2f9bd0-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:52 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
access-control-allow-origin
https://my.evilmilk.com
access-control-allow-credentials
true
cf-ray
844bc5394aaa2bc1-FRA
alt-svc
h3=":443"; ma=86400
/
prebid.smilewanted.com/ 		0
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
844bc5394eed9217-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
mp.4dex.io/ 		60 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sat, 13 Jan 2024 07:01:52 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: vi_25656728_1
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
844bc5395bf265ae-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
170 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Sat, 13 Jan 2024 07:01:51 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://my.evilmilk.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid-request
onetag-sys.com/ 		15 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://my.evilmilk.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
header
hb.aralego.com/ 		0
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2644E22BA2369714E33678399B7AE3&tdid=&schain=&eids=&u=https%3A%2F%2Fmy.evilmilk.com%2F&host=my.evilmilk.com&ucfUid=de2bd31b-069e-41b6-ae01-24e985f725f8&w=300&h=250&format=300%2C250%3B250%2C250%3B200%2C200%3B180%2C150&usprivacy=1---
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:51 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
177 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47BD223BB9E99686F39B2D3499E88AE&tdid=&schain=&eids=&u=https%3A%2F%2Fmy.evilmilk.com%2F&host=my.evilmilk.com&ucfUid=de2bd31b-069e-41b6-ae01-24e985f725f8&w=300&h=168&format=300%2C168&usprivacy=1---&atype=2
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:52 GMT
access-control-allow-credentials
true
connection
close
unruly_prebid
targeting.unrulymedia.com/ 		11 B
205 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://my.evilmilk.com
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
unruly_prebid
targeting.unrulymedia.com/ 		11 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://my.evilmilk.com
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ebd71ba9eaf11215076c5d7c5a1008c41c62df60cd56a85fec1e4ca27cd5fc53
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
an-x-request-uuid
15c9ebaa-dcdb-45b1-960a-c466fef4da8a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYZUZRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgfRmNUKYMRzdNMwKUTqTY-MqrA-PBrB-MtrZ-PAYTBTeteyqBRlmNBAAbYZARdzNwqfftkRqxeNco_YZUZUKYM_TRwkjNTR_yszuNyqsltRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,qxzgRwlNkzwigxlt,jxqfzxdrtb,ldostvqfztr,qrquog,qdb,gftzqu,xeyxffts,xfkxsn,gyzdtroqRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Jan 2024 07:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM%2Bo0M2A70aNYZc1UJ05rFB67BaOWc9A%2FgYDWQpMZKBWO0%2FA21oZAmt3TnPoq8hsOKkkxlyeN7%2FG0CznrIXPRPPnI6R6EB4PXOwpPezZ6yukD6XUPiFpGRn3ENRMD9rJHDUppx2rcuwM18Xmu0Eoiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc53939f53cfe-CDG
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYZUZRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgfRmNUKYMRzdNAeZwaeUe-Kyyt-PZyy-wewa-TePZZPyPPPAURlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_YZUZUKYM_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNjxqfzxdrtb,qdb,gftzqu,xeyxffts,xfkxsn,gyzdtroqRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Jan 2024 07:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mLWU8%2FYtGw6Xlkrcq9RKzHP4rFPV7faYxxH0NZ9rc1q0LUBClTV9CAGxMDcNSd0DmHb%2Bm1Z8v1Xavtvtj4C8bs7W4HwW44W6DtFID2ipTzrdDDGpzzvNr%2F0anrIK%2Bt58eeMJPMxpKui%2Ff5LEmiqVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc53939f73cfe-CDG
content-length
0
alt-svc
h3=":443"; ma=86400
getuid
ib.adnxs.com/ Frame 1A5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1A5F 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=a86ce18a-9d43-4a0c-b59f-15c325f729bb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a86ce18a-9d43-4a0c-b59f-15c325f729bb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc539dff32c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=a86ce18a-9d43-4a0c-b59f-15c325f729bb&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 1A5F 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1A5F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 1A5F 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 varnish
x-served-by
cache-fra-etou8220038-FRA
server
nginx
x-timer
S1705129312.231107,VS0,VE10
x-fastly-to-nlb-rtt
7577
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 1A5F 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f16:e61:3f01:9802:108e:78ba:29ea Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
X-Fw-Request-Id
umo0447_1705129312792619821
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1A5F 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 13 Jan 2024 07:01:51 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 1A5F 		0
0
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6f31e70e-a4af-4984-4e96-590375312a75&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6f31e70e-a4af-4984-4e96-590375312a75&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=78916886434790314242158371810373251452&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=78916886434790314242158371810373251452&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53a18292c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-2-v054-06a768924.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
R1gHFeIVRYs=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=78916886434790314242158371810373251452&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 1A5F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 1A5F 		0
0
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7323474630495434902&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7323474630495434902&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc539bfdd2c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7323474630495434902&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Date
Sat, 13 Jan 2024 07:01:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 1A5F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6f31e70e-a4af-4984-4e96-590375312a75
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6f31e70e-a4af-4984-4e96-590375312a75
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6f31e70e-a4af-4984-4e96-590375312a75
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=6f31e70e-a4af-4984-4e96-590375312a75
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=sO71Cb/SpBZErSssLwgcf.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-41...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=sO71Cb/SpBZErSssLwgcf.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc539e8042c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:51 GMT
via
1.1 google
last-modified
Sat, 13 Jan 2024 07:01:52 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=sO71Cb/SpBZErSssLwgcf.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 1A5F 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=6f31e70e-a4af-4984-4e96-590375312a75&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6f31e70e-a4af-4984-4e96-590375312a75?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53a78692c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
cache-control
no-cache
x-server
10.45.15.168
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-SzYYSD5E2ooBDyyCcD1c6maEJQhJTqUSwA--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-SzYYSD5E2ooBDyyCcD1c6maEJQhJTqUSwA--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53a58592c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-SzYYSD5E2ooBDyyCcD1c6maEJQhJTqUSwA--~A&zpartnerid=570&env=mWeb
date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=W0f%2Bou8BkjaopjCqQcD%2FD%2FNcwhYnwWs0%2BS41iYitP1U%3D
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=W0f%2Bou8BkjaopjCqQcD%2FD%2FNcwhYnwWs0%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc5397fb52c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=W0f%2Bou8BkjaopjCqQcD%2FD%2FNcwhYnwWs0%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 1A5F 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 1A5F 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.208.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-208-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1705129312
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 1A5F 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:40 GMT
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 1A5F 		0
0
usermatch.gif
beacon.krxd.net/ Frame 1A5F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae029...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.246.208.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-208-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=63 t=1705129312
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
date
Sat, 13 Jan 2024 07:01:52 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a019-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1A5F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e9...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e9...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9JFX9S0VYEDGSNXG1G1Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8M79GXZMJZBEKG4EWM1Z
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 1A5F 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f3...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53b29102c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
date
Sat, 13 Jan 2024 07:01:52 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 1A5F 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 1A5F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 1A5F 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53a98812c65-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 1A5F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=p6eDWKKn1Fq8oYRa9fTPX6argFq8pIYJpqYF7o15&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=6f31e70e-a4af-498...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=p6eDWKKn1Fq8oYRa9fTPX6argFq8pIYJpqYF7o15&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53aa8902c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=p6eDWKKn1Fq8oYRa9fTPX6argFq8pIYJpqYF7o15&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=6f31e70e-a4af-4984-4e96-590375312a75&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 1A5F 		557 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c7ce9db71b051751b5f081bc2f590718f0b4facd3a27bdd4fc116af8341cba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc5395f962c65-FRA
access-control-allow-headers
*
PugMaster
image6.pubmatic.com/AdServer/ Frame A06F 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27833530&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-length
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 016F 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:06:44 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
24909
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
aZdGBDPBODdEGBrutpWLNX_OWg-k64VryXVKSYkzQUKReJCgqIMMDg==
15581
rtb.gumgum.com/usync/ Frame C68B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee6f3cd75f489dae92e1fe88dd79bf588445e10be056a751f301b24edfdca78b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 13 Jan 2024 07:01:52 GMT
etag
W/"073df4561ac9af84b7bb5e130187ada08"
server
nginx
timing-allow-origin
*
setuid
prebidserver.pixfuture.com/ Frame FDB6 		0
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=ANzyhluERh2AYbQF
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
0
pragma
no-cache
vary
Origin
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:52 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1688271
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOZrlks3y61oztQCE7r66Vs8idKdY%2B3JGISx5ibSyU4%2BjJLXajreTJi9rZH3XFIvAzrVKXN4FywaX4UPiRvm0bwdfUhJTHWoNLL2NSisgCJBLxGjWRn%2FalbDEAdtZM6H53yEx%2FWNOHzCSNOv"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
844bc539790b0404-FRA
casale
match.adsrvr.org/track/cmf/ Frame B223 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame B223
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaI1YPICIG.evZD1bvHNgwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqE4uBBMQDGVPIkOsYt6Y0&google_cver=1&google_hm=2
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqE4uBBMQDGVPIkOsYt6Y0&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxJIAa9dgv367oW8ZswIETWcEnPwpVi0P25GAq6NpQuse5SHMmn7yp%2Be6ncrj7Gvrur3Z0dG3wXsObxDbQH0c6zRXSKknleLRPmv3lV%2BEsFJZhE%2F%2FhTaU%2FfIbKILo9wW7aRM%2BZy7H60xRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc539dd48194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAqE4uBBMQDGVPIkOsYt6Y0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame B223
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=ffe83462df864782a6c91623ff86426a
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=ffe83462-df86-4782-a6c9-1623ff86426a
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D207e64f9-2433-4417-83d9-94ed63cd...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084929395100999&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D207e64f9-2433-4417-83...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&_=1705129312.991065
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&_=1705129312.991065
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 13 Jan 2024 07:01:53 GMT
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA60-P1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&_=1705129312.991065
content-length
443
x-amz-cf-id
6yd9eJ0GIyg_-sc9u5X-BoQJAyUVZe_fgZoqfbJsUnwDeyIYcgmjYQ==
usermatchredir
ssum-sec.casalemedia.com/ Frame B223
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVR2SpAaUdlrwCloMVUCtk&google_cver=1
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVR2SpAaUdlrwCloMVUCtk&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY2P%2FFjaWWjAMgIT3u5ttOoJf3lgwA5TpFwODGCnl%2Fuoj8fpAjMu3NoLi7%2FSz8y%2FVdjmN4WQ9b0h6jPNAztxnsUNVwkXGyDTXazAFiclJEoicjXgZXVBSnuKI4qgUvjIb%2B%2BwZQAOWwjTMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc539e88a5b62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVR2SpAaUdlrwCloMVUCtk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B223
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNn4ATAU0Nnh0PyIsOEf2cD2XggXdd1HhHASlHdru2R%2FCCzAKltGCRns7sSxeinWniTBmAMrMM1ieD6sk4QnyvJ1WLKG2AxnUGo0UYHA3%2BYPBW0rpHNeoFI8TBmIy70vpyY6wLiGG6ztaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc53c2f59194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame B223
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720854112&external_user_id=f4860797-a00b-46a6-83e5-abe6b0ca3ede
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720854112&external_user_id=f4860797-a00b-46a6-83e5-abe6b0ca3ede
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzfDUB29b%2BKuo3VElqy2%2B4hiB16cHmdP8lY3CNQUd5Av12ndVfyLM5H0m7uNUpIh9ONsoZHwxdeLAPH%2BDIHYHNCwYz7M%2FnLBgxGjEwjdWFiktumZfrpyK6lHgRfRZoCnjRK8UBC7BFV47A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc53a7dcb194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 13 Jan 2024 07:01:52 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720854112&external_user_id=f4860797-a00b-46a6-83e5-abe6b0ca3ede
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame B223
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z2d96spnKujUYXronTQx7c5rfujUZHi7zmZ-zjom
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z2d96spnKujUYXronTQx7c5rfujUZHi7zmZ-zjom
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auavKftIhph%2FIWzphRzoXEUvysu6Gp2RllA2dU5VyeqM2SmIZT4sBD1Y5amdq7dXIGrH2UBG5c7b87qIJVlhzo90EWsRwy6ffV83%2FGoq%2Bz7iH24McOksEDcsAkUOne4egSx52fMIwRoQQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc539bd28194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z2d96spnKujUYXronTQx7c5rfujUZHi7zmZ-zjom
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B223
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4181287239118945560
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4181287239118945560
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfPi6rLMuxCB1nIjyGSv5WRwHDVmsXRa8AJjDLTUyS7llI0Q5adijbGsoW3rMvGzsvOupHZluW714tppTldxKPVkH68WY4Tc5CqREAQpoAIz%2FJdbwzJkmfgdmJ0%2Fo9uf%2FtIeckApRUuVvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc539fd68194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4181287239118945560
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-ams03.e-planning.net/ Frame B223 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=96503f28aa14c8a3&uid=ZaI1YPICIG.evZD1bvHNgwAA%261181
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D96503f28aa14c8a3%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:52 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame C68B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
an-x-request-uuid
9e382637-c7ec-40f1-ae0d-05e7dd145ea4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame C68B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
date
Sat, 13 Jan 2024 07:01:52 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
us-u.openx.net/w/1.0/ Frame C68B 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame C68B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
Date
Sat, 13 Jan 2024 07:01:52 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame C68B 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame C68B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
Date
Sat, 13 Jan 2024 07:01:52 GMT
Connection
keep-alive
X-CI-RTID
7ab57adc-a5bf-49fe-be7d-c55423efbfbf
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame C68B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame C68B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C68B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=pmBkBjza2StB&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=pmBkBjza2StB&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:52 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=pmBkBjza2StB&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-hcncl
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame C68B 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.229 , France, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-217-182-178.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:51 GMT
content-length
0
um
sync.e-planning.net/ Frame C68B 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=96503f28aa14c8a3&uid=e_aac71229-92e1-45ff-901f-1292d916c5c2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:52 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame A456
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame A4D5 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYWM3MTIyOS05MmUxLTQ1ZmYtOTAxZi0xMjkyZDkxNmM1YzI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C35 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73321
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 13 Jan 2024 07:01:52 GMT
expires
Sun, 14 Jan 2024 03:23:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 35EF 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 13 Jan 2024 07:01:52 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 65D5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YMCo8XwAAB1mxpwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YMCo8XwAAB1mxpwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:52 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YMCo8XwAAB1mxpwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40287.dc2p.scaleout.jp
X-SO-IP
81.95.5.40
X-SO-Key
ZaI1YMCo8XwAAB1mxpwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZaI1YMCo8XwAAB1mxpwAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40287"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40287
usersync
usersync.gumgum.com/ Frame 5F68
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 13 Jan 2024 07:01:52 GMT Sat, 13 Jan 2024 07:01:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0215
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D96503f28aa14c8a3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Jan 2024 07:01:52 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Jan 2024 07:01:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 0215 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0959086c1458b1a0a9c99630cc49197a7b11f3f741dd87a07c6063f6302d890a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jan 2024 12:02:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18069
Connection
keep-alive
Content-Length
10964
Expires
Sat, 13 Jan 2024 12:03:01 GMT
/
services.bilsyndication.com/passback/ Frame F456 		275 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/passback/?t=1705122185&d=2565&z=6728&divID=vi_25656728_1&w=300&h=250&geo=DE&hn=my.evilmilk.com
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e07ced41b86569ec017ad04ad16b7a659510b9d4b270c3d4d2eb6f137fe8185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 13 Jan 2024 07:01:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYg%2Bez3VVSeN3fzuBvVFH3XhlPWjciZ6kJw8ws7pv8HMWlkFVcZ5RSl1MoZn8K67BhijoOeC6bEZdr603XzmNAu92yTy%2FwlgUYGHa77qCKoeVyCRqwta4gfGacZtWrr8FPFvAE6AbGRJMX2srx7jxfDsgFNQrh9jTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
844bc53baf779b28-FRA
alt-svc
h3=":443"; ma=86400
ads.js
served-by.pixfuture.com/www/delivery/ Frame F456 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/ads.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/passback/?t=1705122185&d=2565&z=6728&divID=vi_25656728_1&w=300&h=250&geo=DE&hn=my.evilmilk.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c839a0b02171ddc076c247aa0193d3e4058287a213d338b39bc43eb651ecfd78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
last-modified
Fri, 29 Dec 2023 14:55:57 GMT
accept-ranges
bytes
content-length
3041
content-type
text/javascript; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame 0215 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
ads.js
served-by.pixfuture.com/www/delivery/ Frame F456 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/ads.js?pxft_dis_v=2.62
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/ads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c839a0b02171ddc076c247aa0193d3e4058287a213d338b39bc43eb651ecfd78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
last-modified
Fri, 29 Dec 2023 14:55:57 GMT
accept-ranges
bytes
content-length
3041
content-type
text/javascript; charset=utf-8
hb_v2.js
cdn.pixfuture.com/ Frame F456 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/ads.js?pxft_dis_v=2.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929f0951169f5f8aeda75cc244a601b1e5621f503134d01001b04b9fa4e96fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129635
cf-bgj
minify
last-modified
Tue, 09 Jan 2024 18:51:19 GMT
server
cloudflare
etag
W/"659d95a7-d89b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29efoS1aTEucZEerWpoziuhszeK%2BvJbhNZBmnEa9oMC8HCbuWp2mL3oMqaH8eBKuxMQtHAoMi%2F76FkFs91gqZ6MyEGt9EuF7cyKkac%2FV882xOzejln34U9GUXXjemmpP%2BUAW%2BJ88G8tPNA%2FWKF2n"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
844bc53e6d84997b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 19:01:16 GMT
setuid
prebidserver.pixfuture.com/ Frame FA68
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
location
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F456 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4628ec931909bc11a2f6cfd871f9c9e6084ea46f2c7a795e9cb71cfee60772dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29545
x-xss-protection
0
server
cafe
etag
368 / 19735 / m202401040101 / config-hash: 6457213104751266546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 07:01:53 GMT
pbix.js
cdn.pixfuture.com/ Frame F456 		396 KB
397 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js?pxft_dis_v=2.62
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129624
cf-polished
origSize=406706
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 19:53:47 GMT
server
cloudflare
etag
W/"63c99fcb-634b2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYSuP2v3mHc3B97Q3EOg8Vrtz67%2FD5powlkDx%2BpcGjcOasBtX6R5YbiLtiQV6ttFFbEfI8PcMIxWksSvbYx5g%2BcNIFVl43Bxa6Vd8YOVH8NFYZJI%2FIzhqkTGkBvF9wCmTHKpNQpqW6J915%2F1Dmkl"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
844bc53ebdc0997b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 19:01:17 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame 1565 		925 B
898 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f5299cde479d9dd932a72380d830e97f535994cfb38540bc60d4b534e8a0c0

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
844bc53ebdc6997b-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79FeHlwCYY5JEA7FKw9%2FxBOnedD9lzWwJyJ8YeTpWT7s8zUtkogSQT8rfbgKs3nZHQbWB%2BaOO444ydwnsN%2FGUF7%2FR8iG34EW1qrUpPyW0wpYzbk1mQA1K%2F0V%2FvVUrOfvRsviIguDLyUDRfiKtTZc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/ Frame F456 		0
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.134.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-134-82.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ Frame F456 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=4052x300x250x790x_ADSLOT300my&keywords=&refUrl=https://my.evilmilk.com/&refresh=false&innerWidth=1600&cb=1705129313075
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
3076b0170c1c677054812ae2dd1866460687aeab712a9304ba8dc019590b84e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
/
ads.us.e-planning.net/uspd/1/ Frame 4073 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
f19c2ce9d8e7a098a72218784daa3336efe3d1b6bd253d4ca8094827fc41bd22

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
Sat, 13 Jan 2024 07:01:53 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
csync
sync.adtelligent.com/ Frame 3C13
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26...
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=8134709458298602181&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=709112&a=743293&domain=https://my.evilmilk.com/&gdp...
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=8134709458298602181&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=709112&a=743293&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:52 GMT
Etag
6dfc3a0e1efac124
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sat, 13 Jan 2024 07:01:53 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=8134709458298602181&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=709112&a=743293&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
server
nginx
csync
sync.adtelligent.com/ Frame CD5E
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=750708&a=754412&domain=https://my.evilmilk.com/&gdpr=0&gdpr_sou...
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=750708&a=754412&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:52 GMT
Etag
6dfc3a0e1efac124
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
Sat, 13 Jan 2024 07:01:53 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=750708&a=754412&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
/
ssc-cms.33across.com/ps/ Frame C818 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
server
33XP001
x-33x-status
2000208
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 13 Jan 2024 07:01:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pbs.gif
sync.admanmedia.com/ Frame 4073 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D0ce520e214d25a23%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 4073 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 11 Jan 2029 07:01:52 GMT
um
u-ams03.e-planning.net/ Frame 4073
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D0ce520e214d25a23%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=0ce520e214d25a23&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=0ce520e214d25a23&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:53 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=0ce520e214d25a23&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 4073 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.3.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
us
sync.go.sonobi.com/ Frame 4073 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D0ce520e214d25a23%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-132
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 4073 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D0ce520e214d25a23%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 4073
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0ce520e214d25a23%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=0ce520e214d25a23&uid=5293967234649900053
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=0ce520e214d25a23&uid=5293967234649900053
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:53 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
an-x-request-uuid
c1e3c81f-1577-4200-b8e9-a4ca7672dab7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=0ce520e214d25a23&uid=5293967234649900053
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 4073
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=csuid_8a83adcc-2cf2-4063-8665-3ee710be3034&dc=b337141cfdc8cf59&fi=0ce520e214d25a23
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=csuid_8a83adcc-2cf2-4063-8665-3ee710be3034&dc=b337141cfdc8cf59&fi=0ce520e214d25a23
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:53 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=csuid_8a83adcc-2cf2-4063-8665-3ee710be3034&dc=b337141cfdc8cf59&fi=0ce520e214d25a23
date
Sat, 13 Jan 2024 07:01:53 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 4073 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 4073
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8752952355
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8752952355
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
etag
RXfee4c49826c04562a673199d9cd49ec3003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8752952355
cache-control
no-store, no-cache, must-revalidate
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1424 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0ce520e214d25a23%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73320
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
Sun, 14 Jan 2024 03:23:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 0BDA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a89710c83d02d641be0d2d3cf60f2103eb8cadd9a05fa20e0c1eb88d378819

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
844bc53f0a7c194d-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMH5H%2Fud8NgII4563HfexE0UFxigS8%2BmgKSCSwnc51Q1oU9skN%2Bs2VZLPItyq4LDKlJlZP2NeAj4Ns3IYsz0RIHS6k0QkOv7jRxe14hLPDuGVfC3HNKgLqMKUpGp6VrI7PL20I5i"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
spl.zeotap.com/ Frame 452D 		760 B
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389e09221dad7fd413666711ce5e0c66d6ea1ea612c06b62af6445ad86bee3bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
844bc53f0c172c65-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ Frame F456 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:50:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
679
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140168
x-xss-protection
0
server
cafe
etag
17101759845534740898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 12 Jan 2025 06:50:34 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 4073 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 00:06:44 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
24910
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ieYU8nlFOIRbctsvC5vUjjKRdkEwuics4kXRlGEONGQ7Et1bX4epAw==
dcm
s.amazon-adsystem.com/ Frame 0BDA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P38SRPNQ47RMA0N3YVZ9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KCQSMFPFYTMPJPRRDFMJ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame 0BDA
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ffe83462-df86-4782-a6c9-1623ff86426a
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ffe83462-df86-4782-a6c9-1623ff86426a&rd=Y
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ffe83462-df86-4782-a6c9-1623ff86426a&rd=Y
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 13 Jan 2024 07:01:53 GMT
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=ffe83462-df86-4782-a6c9-1623ff86426a&rd=Y
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Sat, 13 Jan 2024 07:01:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 0BDA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5293967234649900053
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5293967234649900053
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSShJJ1g%2Fhw%2BQM9IfJNHqKNYt1iZy1Z2AMvlyyJ5jAFmwayk69nr%2FLuiZ23FTFEAF2NuElBITa7Mix5CCX%2Bf71XnF7xRpXvMVLhWeJvmzfNrRFYenaY%2Bk7bLLHs0KGTtf8fQxqEmmdZxXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc53f6ad5194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
an-x-request-uuid
f26c54f1-ed8d-4b33-80bf-bbc7f3273199
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5293967234649900053
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0BDA 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum.casalemedia.com/ Frame 0BDA
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705215713
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705215713
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh4czJ%2BvnBTWyaAbWF9e8j6fww1IaCdeCV8A6CsMEQrr4gBJcoknX6sQm0rzQhLNTgO3C7VgMFRvDv%2FGcb%2BYJR6k0KNcPVfp%2BmB%2FXoenxf0k3psQxs3TNTUwjBdoccUf9YQa0Vt0"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc5405b725b62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705215713
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
casale
match.adsrvr.org/track/cmf/ Frame 0BDA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 0BDA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBvctCsp1Roy1H5
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBvctCsp1Roy1H5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9UG33wKV5icm3kZXrLQt9XJqO789lqSgYtdHJ3%2F5sRueDDYxCJWGGhNRDQrSSA4cOfNXlp%2BzKRbMoLCc1MGTFKNdugqI5XLn%2F2kn8vh7jrOuIV62cXtyVD%2F%2BALoBOPQekepLklC36IBKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc53fab17194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBvctCsp1Roy1H5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 0BDA 		0
0
um
u-ams03.e-planning.net/ Frame 0BDA 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=0ce520e214d25a23&uid=ZaI1YPICIG.evZD1bvHNgwAA%261181
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:53 GMT
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 452D
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f3...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53f7c702c65-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361
date
Sat, 13 Jan 2024 07:01:53 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 452D 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53f4c522c65-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 452D 		557 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0bc499b816b8b4fd1f1740bc034cc4e9f691a5278b9f5fcb3092f5ff9e794c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
844bc53f4c542c65-FRA
access-control-allow-headers
*
15581
rtb.gumgum.com/usync/ Frame EA30 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.29.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-29-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
15b1621058d0a0e951b655b603299f50fc7dd47d24f05c35fca53a4267aa4621

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 13 Jan 2024 07:01:53 GMT
etag
W/"0713d5093573a965b85807d6d5e1c52a3"
server
nginx
timing-allow-origin
*
csync
sync.adtelligent.com/ Frame 8B73 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANzyhluERh2AYbQF&traffic_source=snippet&session=1FA998684CE4FCFB&sp=500592&pb=305453&c=484122&a=307971&domain=https://my.evilmilk.com/&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA998684CE4FCFB%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fmy.evilmilk.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:52 GMT
Etag
4584774d6289856b
Server
Adtelligent
setuid
prebidserver.pixfuture.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=47093520-6fd4-437a-9810-9eb2bc96a985
86 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=47093520-6fd4-437a-9810-9eb2bc96a985
Protocol
HTTP/1.1
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=47093520-6fd4-437a-9810-9eb2bc96a985
date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 1565 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
844bc53f6cd092b4-FRA
usersync
usersync.gumgum.com/ Frame EA30
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
an-x-request-uuid
51f85f22-4104-4763-b372-d1122b639295
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5293967234649900053
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame EA30
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9731979f-463d-447a-9380-2e7af1c1ae49&ssp=gumgum2&expires=30&user_group=5&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=9731979f-463d-447a-9380-2e7af1c1ae49&ssp=gumgum2&expires=30&user_group=5&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=9731979f-463d-447a-9380-2e7af1c1ae49&ssp=gumgum2&expires=30&user_group=5&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame EA30 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame EA30
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-39276bb2-0f53-5443-4b1c-105d64281d26$ip$81.95.5.40
Date
Sat, 13 Jan 2024 07:01:53 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame EA30
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bmumUN5E2pcJuUN.PR7bov8JMV5Kdis3Z1T5~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-bmumUN5E2pcJuUN.PR7bov8JMV5Kdis3Z1T5~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 13 Jan 2024 07:01:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-bmumUN5E2pcJuUN.PR7bov8JMV5Kdis3Z1T5~A
content-length
0
usersync
usersync.gumgum.com/ Frame EA30
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=38128f65-5b81-48a5-b503-3774fcd30a09
Date
Sat, 13 Jan 2024 07:01:53 GMT
Connection
keep-alive
X-CI-RTID
c5b99c94-3600-4956-a1fd-9e98d84e4973
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame EA30 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame EA30
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aac71229-92e1-45ff-901f-1292d916c5c2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
sync
ssbsync.smartadserver.com/api/ Frame EA30 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.229 , France, ASN16276 (OVH, FR),
Reverse DNS
ip229.ip-217-182-178.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:52 GMT
content-length
0
um
sync.e-planning.net/ Frame EA30 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=0ce520e214d25a23&uid=e_aac71229-92e1-45ff-901f-1292d916c5c2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

server
openresty
date
Sat, 13 Jan 2024 07:01:53 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 4533
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=8134709458298602181&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 912F 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYWM3MTIyOS05MmUxLTQ1ZmYtOTAxZi0xMjkyZDkxNmM1YzI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 548B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73320
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 13 Jan 2024 07:01:53 GMT
expires
Sun, 14 Jan 2024 03:23:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2115 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 13 Jan 2024 07:01:53 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame C7CD
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YcCo8XwAAB1mxt8AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YcCo8XwAAB1mxt8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:53 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaI1YcCo8XwAAB1mxt8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
35
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1025.dc4p.scaleout.jp
X-SO-IP
81.95.5.40
X-SO-Key
ZaI1YcCo8XwAAB1mxt8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZaI1YcCo8XwAAB1mxt8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1025"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1025
usersync
usersync.gumgum.com/ Frame 5550
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Jan 2024 07:01:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 13 Jan 2024 07:01:53 GMT Sat, 13 Jan 2024 07:01:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=-g1FSJFLnKSoeGzYylVO99GNdpCAEZdZFSZ8piw7LRc&pi=gumgum
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 57E7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D0ce520e214d25a23%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Jan 2024 07:01:53 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Jan 2024 07:01:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 57E7 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0959086c1458b1a0a9c99630cc49197a7b11f3f741dd87a07c6063f6302d890a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 07:01:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jan 2024 12:02:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18068
Connection
keep-alive
Content-Length
10964
Expires
Sat, 13 Jan 2024 12:03:01 GMT
rum
cdn.pixfuture.com/cdn-cgi/ Frame 1565 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Sat, 13 Jan 2024 07:01:53 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
844bc53ffe86997b-FRA
seg
secure.adnxs.com/ Frame F456 		0
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/seg?add=27578847%2C27578847&remove=27578847&t=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js?pxft_dis_v=2.62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.evilmilk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:53 GMT
an-x-request-uuid
177b96de-a311-46ad-8712-a8f3d190f32e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 57E7 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
/
csync.smilewanted.com/ Frame EDC7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/?us_privacy=1---
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996475b79e75521bdff3e7f2f111434d0d89c213ab33456ca374f52ced8eb384

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844bc54e7a729217-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 07:01:55 GMT
server
cloudflare
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 8DB1 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d846d9bd82c80dffe1aa3cbb73e4af2dddefbb323f2cff2f28d125f6f401182

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
844bc54e8adc2bc1-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
server
cloudflare
/
onetag-sys.com/usync/ Frame 1CB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1705129312222&us_privacy=1---
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame C4E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
5730
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 13 Jan 2024 07:01:55 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1803, 22414
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220095-FRA
X-Timer
S1705129316.610962,VS0,VE0
isyn
prebid.a-mo.net/ Frame EFD7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 13 Jan 2024 07:01:54 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
sync.html
cdn.aralego.net/ucfad/cookie/ Frame D19A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html?usprivacy=1---
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://my.evilmilk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
9719
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
844bc54e9e86368a-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqPmcxe%2FXUGP3%2FerkYsYID7sp62ybP0OqEUd82cAcrydoPO%2F%2F2upfOKk%2B872fhetqECie15h8GEsG%2FXqaYyupXCBeF5youR9qE9BttkATF4EW0xIPQeGhcyGL4OoqqeAyZcnia9MQ3qDPXvd7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame D19A 		35 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?usprivacy=1---
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html?usprivacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
connection
close
content-length
35
content-type
image/gif
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame EDC7 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
876824
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
844bc54efab19217-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel
ap.lijit.com/ Frame 8DB1 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 13 Jan 2024 07:01:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 8DB1
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-7926596070356998214
  • https://sync.quantumdex.io/setuid?bidder=between&uid=1a9f3133-d219-530d-93c1-2b65f6631e01
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=1a9f3133-d219-530d-93c1-2b65f6631e01
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
844bc5536f713a67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=1a9f3133-d219-530d-93c1-2b65f6631e01
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 8DB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5293967234649900053
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5293967234649900053
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
844bc54f5b6b2bc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
an-x-request-uuid
0d6f4412-2dfd-42ee-863b-c42626e7bb88
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5293967234649900053
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8DB1
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
844bc54fdcd03a67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4578542b-00e4-3eb2-85c1-f93447689abe
pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-store
content-length
0
expires
0
/
s.ad.smaato.net/c/ Frame 8DB1 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:39 GMT
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
16
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
Z6RQJUTj1dtuETXD_Igs3j4fwI7AHaazCIQ75Ba5m6gliFy8eTAusg==
v1
match.sharethrough.com/FGMrCMMc/ Frame 8DB1 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.3.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
0.gif
id5-sync.com/i/495/ Frame 8DB1 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 13 Jan 2024 07:01:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
usermatch
ssum-sec.casalemedia.com/ Frame A768 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d369c5fba0689557ca341a00a45913d150ef9ddd454ed8ed0926892313cf12

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
844bc54f4956194d-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jet97c8dg7OWZFXnpQo4r7QwHCKc1xqQU%2Fkk%2B%2FfBTBD%2FYC1CW2EuWbBo2DEgL9git%2B2QbgcMeqJU6657sT1J%2FzBTiRXoL6iW9mAH0lcGQoW54T6KNPiGXaQ1osaHoAK%2FofOBxKoto52i%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user-sync
sync.adkernel.com/ Frame D712 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:55 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame EF21 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:55 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame E0B2 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:55 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame F4CC 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:55 GMT
Server
nginx
/
onetag-sys.com/usync/ Frame 416D 		0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Donetag-pbs%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 3D96
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
f6953d051c837d4cf8fc462c207aecc0b92dc67c65a7575c29a522b191086c86

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Sat, 13 Jan 2024 07:01:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 13 Jan 2024 07:01:55 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 4A16 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.224.6.94 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1F6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73318
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
expires
Sun, 14 Jan 2024 03:23:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 4867
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
844bc54f6b782bc1-FRA
content-length
43
content-type
image/gif
date
Sat, 13 Jan 2024 07:01:55 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
/
onetag-sys.com/usync/ Frame F4D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
drop_cookie_sw.php
csync.smilewanted.com/ Frame 64C6 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/?us_privacy=1---
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844bc54f5ad69217-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 07:01:55 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame 350D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.134.110.136 , France, ASN16276 (OVH, FR),
Reverse DNS
ip136.ip-91-134-110.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 13 Jan 2024 07:01:54 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sat, 13 Jan 2024 07:01:55 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
usersync.aspx
dis.criteo.com/dis/ Frame A768
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaI1YPICIG.evZD1bvHNgwAA%261181&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4181287239118945560
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
169789
expires
Sat, 13 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 13 Jan 2024 07:01:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
ie
match.prod.bidr.io/cookie-sync/ Frame A768 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.95.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-115.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame A768 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 07:01:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705129315898007-513
sync
ups.analytics.yahoo.com/ups/55940/ Frame A768 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame A768
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e00cf749-cb7c-9d1b-3843749d
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e00cf749-cb7c-9d1b-3843749d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myU6oatVAJoXmNjmXlZQ7vVyQlGrktqLW8FQxlfiOX9ge30gDFr6D1BApcB7VJWB%2FTBYTOvVB55MqZPQ9eNS0xVNuffSfLM5di%2F4%2FVAmhye%2FPkwAxUjUrZ9YGj6CRxhDWPt8Nbyk96FZbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc5505a22194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 13 Jan 2024 07:01:55 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=e00cf749-cb7c-9d1b-3843749d
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
sync
x.bidswitch.net/ Frame A768 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame A768
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084929395100999
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084929395100999
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIi7lsK7wA063J4f9vT3EooWCRwKXqN7wpJpqyR6zHcwU7UIRoPMrNxWtlF3J0Bae%2FPlQg5nTe76JeyTmVc%2FkdMZvDtnL%2BDnFAdr%2Bwk3X2zrcWxz1w7GTylgRNWT3XI0u1ZjBBXGf7ZzfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc54f8988194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084929395100999
Date
Sat, 13 Jan 2024 07:01:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame A768
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ol%2BJshrrP9ESAN2JLO5m3CMaP2AcMAGEQq6wrSnaL4WjWVUe%2FXSUnib76%2BnLexdD2FAo9M3MudKlfNwS4x4Ifby9GRgFZNC1hnFHv2arVSs0pEmFQZt6ZwvTsW6ctMpZizedrr%2BQXW3xg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844bc54fc9b6194d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sat, 13 Jan 2024 07:01:55 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
setuid
sync.quantumdex.io/ Frame A768 		43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
844bc54f7c873a67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame C1F6 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53611223&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
content-length
0
5293967234649900053
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 2E6D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/5293967234649900053
0
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/5293967234649900053
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844bc54fbb0c9217-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 07:01:55 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e3e658c3-fe6e-40c0-a40d-babaff74c732
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 13 Jan 2024 07:01:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/5293967234649900053
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 3D96 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
server
Kestrel
content-length
70
content-type
image/gif
ebda
eb2.3lift.com/ Frame 3D96
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4NTQ3MDMwMjUwNDg4NjI3NjE5Ng%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3D96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENeGWlHbGqLPweqOX2Fm0dU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENeGWlHbGqLPweqOX2Fm0dU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENeGWlHbGqLPweqOX2Fm0dU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D96
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4NTQ3MDMwMjUwNDg4NjI3NjE5Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4NTQ3MDMwMjUwNDg4NjI3NjE5Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc4NTQ3MDMwMjUwNDg4NjI3NjE5Ng%3D%3D
date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 3D96 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1785470302504886276196&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A4E18C0173BE406E84620ADA12057DAB Ref B: DUS30EDGE0419 Ref C: 2024-01-13T07:01:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOzlsreLav14tqKpAeHA==
xuid
eb2.3lift.com/ Frame 3D96
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1785470302504886276196?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-4yXAtpJE2oRAU7tFnKOjjm5J4iONOXrpvtWbxAC6Hg--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-4yXAtpJE2oRAU7tFnKOjjm5J4iONOXrpvtWbxAC6Hg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Sat, 13 Jan 2024 07:01:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-4yXAtpJE2oRAU7tFnKOjjm5J4iONOXrpvtWbxAC6Hg--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 3D96
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1785470302504886276196&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
18.193.91.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-91-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=47093520-6fd4-437a-9810-9eb2bc96a985
date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 3D96 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
205386
expires
Sat, 13 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3D96
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5293967234649900053&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5293967234649900053&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 13 Jan 2024 07:01:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
an-x-request-uuid
ca6a02bc-2c54-45da-821e-c6ab975720ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5293967234649900053&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 3D96 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1785470302504886276196
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:55 GMT
an-x-request-uuid
492c9f1f-65e6-4172-ab99-263ff4e4eebd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 16F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
704c1e4d3fcc922a3031d436b584678b
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 82C7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73318
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 13 Jan 2024 07:01:55 GMT
expires
Sun, 14 Jan 2024 03:23:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
server_match
ice.360yield.com/ Frame FA37 		43 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.252.157.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Sat, 13 Jan 2024 07:01:56 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
17bb539f-8f97-4c2f-a416-c7fc3c37491e
csync.smilewanted.com/set_partner_userid_get/openx/ Frame B808
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/17bb539f-8f97-4c2f-a416-c7fc3c37491e
0
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/17bb539f-8f97-4c2f-a416-c7fc3c37491e
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844bc55fab8d9217-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 07:01:58 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sat, 13 Jan 2024 07:01:58 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/17bb539f-8f97-4c2f-a416-c7fc3c37491e
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
ap.lijit.com/ Frame 671C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sat, 13 Jan 2024 07:01:56 GMT
X-Sovrn-Pod
ad_ap4ams1
8134709458298602181
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 9132
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8134709458298602181
0
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/8134709458298602181
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844bc551ac049217-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 07:01:56 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sat, 13 Jan 2024 07:01:56 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/8134709458298602181
server
nginx
5aa3befa-e0e9-43e0-850d-9036fd57621a
csync.smilewanted.com/set_partner_userid_get/adwmg/ Frame 645E
Redirect Chain
  • https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CON...
  • https://csync.smilewanted.com/set_partner_userid_get/adwmg/5aa3befa-e0e9-43e0-850d-9036fd57621a
0
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adwmg/5aa3befa-e0e9-43e0-850d-9036fd57621a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
844bc5538ce09217-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 07:01:56 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jan 2024 07:01:56 GMT
Expires
0
Keep-Alive
timeout=5
Location
https://csync.smilewanted.com/set_partner_userid_get/adwmg/5aa3befa-e0e9-43e0-850d-9036fd57621a
Pragma
no-cache
/
s.ad.smaato.net/c/ Frame BEBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52
cache-control
no-cache, must-revalidate
date
Sat, 13 Jan 2024 07:01:04 GMT
server
CloudFront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-id
LBFveHGKaCIu51ZUxW8Yjk-bjxmItz2gG8XknkCiDo8ogyzSriqKkA==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmy.evilmilk.com%2F&domain=my.evilmilk.com&cw=1&lsw=1&us_privacy=1---&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://my.evilmilk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 13 Jan 2024 07:01:59 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
269416
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		66 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://my.evilmilk.com/&tl=https://my.evilmilk.com/&nf=0&rt=true&v=8.30.0&av=2.0&vg=vlipb&us_privacy=1---&am=null&gdpr=1&gdpr_consent=undefined
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.158.209 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fca05be564a0f1988ddd3fa28634a7ed2836e1f9d6f9108295de1def2a9b5cde

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://my.evilmilk.com
date
Sat, 13 Jan 2024 07:01:59 GMT
access-control-allow-credentials
true
content-length
66
content-type
application/json
json
gum.criteo.com/sid/ 		2 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmy.evilmilk.com%2F&domain=my.evilmilk.com&cw=1&lsw=1&us_privacy=1---&gdpr=1
Requested by
Host: s3.bilsyndication.com
URL: https://s3.bilsyndication.com/vli-assets/prebid/default/prebid-8.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 07:01:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my.evilmilk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
210554
expires
0
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Jan 2024 07:02:03 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.evilmilk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 13 Jan 2024 07:02:03 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2194730263&i4=81.95.5.40&r=https%3A%2F%2Fmy.evilmilk.com%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=6f31e70e-a4af-4984-4e96-590375312a75&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6f31e70e-a4af-4984-4e96-590375312a75%26reqId%3Dcf51955f-9101-4169-6fb5-75eae02983eb%26zdid%3D1361
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| vitag object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag function| $ function| jQuery object| headerBidParamObject object| attrData string| pxft_clear_cache_flag undefined| pxft_first_init_activated undefined| attrDataArray object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture object| ID5EspConfig function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension function| reportme function| dirclickMEME function| dirclickMEMEDECLARE function| dirclick function| dirclickDeclare function| expandmenu function| btntrayexp function| btntrayr function| btntray function| Hammer undefined| returnExports object| vttjs function| WebVTT function| videojs undefined| Youtube function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname string| GoogleAnalyticsObject function| ga boolean| isPxftLibrariesPending function| findCMP_PixFuture object| gaplugins object| gaGlobal object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| pbjs_pixChunk object| pbjs_pix object| _pbjsGlobals object| mnet object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| googletag object| ggeac object| google_js_reporting_queue object| pxft_googletag undefined| google_measure_js_timing function| getEidsByVLI function| __tcfapi function| __uspapi boolean| __VLICMP object| $sf object| _aps boolean| apstagLOADED object| apstag object| vlipbChunk object| vlipb object| ADAGIO string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| observeElementInViewport object| apscustom function| __tcfapiui string| cnsntv2 boolean| _pxft_iel_init boolean| pxft_first_init_iel_activated object| __connect object| sas object| apntag object| _ADAGIO

105 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQv5uCjdAxCgoIkQIQv5uCjdAxCgoItAIQv5uCjdAxCgoI5gEQv5uCjdAxCgoIhwIQv5uCjdAxCgoItwIQv5uCjdAxCgkIOhC_m4KN0DEKCgiMAhC_m4KN0DEKCQhfEL-bgo3QMQoJCB8Qv5uCjdAx
i.liadm.com/s Name: _li_ss
Value: ChgKBgiiARD7FgoGCIsBEPsWCgYI0gEQ-xY
my.evilmilk.com/ Name: ASP.NET_SessionId
Value: cqias4zusywhmrhlnvmyzjpe
.youtube.com/ Name: YSC
Value: 1GZ9DfAgR80
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: LPjQ2f1viJk
.evilmilk.com/ Name: _gid
Value: GA1.2.1960660214.1705129311
.evilmilk.com/ Name: _gat_gtag_UA_102658320_1
Value: 1
.evilmilk.com/ Name: _ga_BRN37S9T9Y
Value: GS1.1.1705129311.1.0.1705129311.0.0.0
.evilmilk.com/ Name: _ga
Value: GA1.1.2014607481.1705129311
.agkn.com/ Name: ab
Value: 0001%3A4HQI6oJZtTg0EG3e0TRQ4ulGZ9rtJ1wU
.udmserve.net/ Name: udmts
Value: 1705129311.0
.udmserve.net/ Name: dt
Value: D4A34F91-F843-388D-AC5B-D2BA08A3BEAF
my.evilmilk.com/ Name: __ppIdCC
Value: eciknikj_xon2179516.311553
my.evilmilk.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.evilmilk.com/ Name: _pubcid
Value: d382c8a6-ad68-4cae-8b1b-9c55f06f87a8
my.evilmilk.com/ Name: _lr_retry_request
Value: true
my.evilmilk.com/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: uuid2
Value: 5293967234649900053
my.evilmilk.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-13T07%3A01%3A51%22%7D
.gumgum.com/ Name: cs
Value: true
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ANzyhluERh2AYbQF
my.evilmilk.com/ Name: ucf_uid
Value: de2bd31b-069e-41b6-ae01-24e985f725f8
.casalemedia.com/ Name: CMID
Value: ZaI1YPICIG.evZD1bvHNgwAA
.casalemedia.com/ Name: CMPS
Value: 1181
.casalemedia.com/ Name: CMPRO
Value: 1181
.zeotap.com/ Name: zc
Value: 6f31e70e-a4af-4984-4e96-590375312a75
.gumgum.com/ Name: vst
Value: e_aac71229-92e1-45ff-901f-1292d916c5c2
.quantserve.com/ Name: mc
Value: 65a23560-3f0df-579b0-6dc74
.tapad.com/ Name: TapAd_TS
Value: 1705129312255
.tapad.com/ Name: TapAd_DID
Value: a86ce18a-9d43-4a0c-b59f-15c325f729bb
.adfarm1.adition.com/ Name: UserID1
Value: 7323474630495434902
.doubleclick.net/ Name: IDE
Value: AHWqTUl6CG8K9viyS5RKxTN3ZVgwoxV-Lbwm4H5AxMeMkKH3h6gOTGBks9k9q22KTcw
.weborama.fr/ Name: AFFICHE_W
Value: z-ZjLsgXMQHP72
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adform.net/ Name: C
Value: 1
.demdex.net/ Name: demdex
Value: 78916886434790314242158371810373251452
.creativecdn.com/ Name: u
Value: DOR6Oguj4fQ56e4lw062
.creativecdn.com/ Name: g
Value: DOR6Oguj4fQ56e4lw062_1705129312295
.bidswitch.net/ Name: tuuid
Value: 47093520-6fd4-437a-9810-9eb2bc96a985
.bidswitch.net/ Name: c
Value: 1705129312
.bidswitch.net/ Name: tuuid_lu
Value: 1705129312
.turn.com/ Name: uid
Value: 4181287239118945560
.adform.net/ Name: uid
Value: 8134709458298602181
.dpm.demdex.net/ Name: dpm
Value: 78916886434790314242158371810373251452
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9ac8f89f3c54824a
.yahoo.com/ Name: A3
Value: d=AQABBGA1omUCELiUhGUXalzPcjk-M0FAOi0FEgEBAQGGo2WsZeAPyiMA_eMAAA&S=AQAAAh2tTLtprm9UIm9JVuWYaEg
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2g5j
.company-target.com/ Name: tuuid
Value: f4860797-a00b-46a6-83e5-abe6b0ca3ede
.company-target.com/ Name: tuuid_lu
Value: 1705129312|ix:0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003%22%7D
.quantumdex.io/ Name: uid
Value: 4bfd0280-c31c-476b-96a7-3677c3f22b18
.quantserve.com/ Name: d
Value: ECEBFAHyKrjvsQq-vxA
.krxd.net/ Name: _kuid_
Value: QCGSOAAz
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-4578542b-00e4-3eb2-85c1-f93447689abe
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_8a83adcc-2cf2-4063-8665-3ee710be3034
.fwmrm.net/ Name: _uid
Value: umo0447_7324612136925658800
.ipredictive.com/ Name: cu
Value: 38128f65-5b81-48a5-b503-3774fcd30a09|1705129312597
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-39276bb2-0f53-5443-4b1c-105d64281d26.%2B0wUtc2ebMbdZc%2FsWcwvSeb7oa8k2tfYtjI7mA9VgK8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-39276bb2-0f53-5443-4b1c-105d64281d26.%2B0wUtc2ebMbdZc%2FsWcwvSeb7oa8k2tfYtjI7mA9VgK8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOSdrsg9TVENLHBBdZCgdJlFfBSg.0FV6gqR5UpUab82C9%2FG2rw5eAx2bPQ8zguyja4Uq11k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOSdrsg9TVENLHBBdZCgdJlFfBSg.0FV6gqR5UpUab82C9%2FG2rw5eAx2bPQ8zguyja4Uq11k
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGxouyvSbv25vx-VQMVbbrNeWdYxnElRbD6u_tUjBzi9EHwYBCDg6oitBjABOgRvD7diQgT3pqoB.YbIwJy33%2BY5dVs1DGjETM8HjSN9D3GTz9IJ7eMJdsRM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGxouyvSbv25vx-VQMVbbrNeWdYxnElRbD6u_tUjBzi9EHwYBCDg6oitBjABOgRvD7diQgT3pqoB.YbIwJy33%2BY5dVs1DGjETM8HjSN9D3GTz9IJ7eMJdsRM
.liadm.com/ Name: lidid
Value: ffe83462-df86-4782-a6c9-1623ff86426a
.rezync.com/ Name: zync-uuid
Value: 207e64f9-2433-4417-83d9-94ed63cde464:1705129312.988642
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fee4c498-26c0-4562-a673-199d9cd49ec3-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%222069.96%22%7D
.zeotap.com/ Name: zsc
Value: %E3%05%A1~X%91%85%80%08%21%27%9BZ%2B%60k%EC%1B%5B%CD%C2%9A%19%04%60xN%28ab%EF%B1%D0%FB%E3%19+%8Eg%1F%1F%93%0D-%AB%C4%DD%A6%D1%D1%84aC%0C%A8m%97%DC%5B%B2S%D8%FE%95O%89%EB%B54ZX%A7%7F%B6%C3%9C7%B8%D0%9EY%06%1C%B2%8Az%40%23%F4%EEu%27%D0%F38%26%BF%06Z%BD%FE6n%E2%22%91%1A%CB7%AE%B0%C1%E2%22%29%8C%B4WJo%10%D5%06%C1%D5G%1F%40%99%94%92o%D4o%3Ci46%BDR%AD%26U~1%99%FB%07ri%8D%2B%3D%B1%A4%81%03%D3%3F%18%10%06%EC%0F%07%FF%ECKH%1FY
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjS2NDU0MLC0tBTiM9SNyHXx9Q8sDXdy93QBAMNdb6ElAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjS2NDU0MLC0tBTiM9SNyHXx9Q8sDXdy93QBAMNdb6ElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByxWAMAgEwIvt4AvsyiftBCzEyp35LrcV43xLjICQGpLokuK04_TQuTXWo1ZQuyvTaT--WY-6OQAAAA
.creativecdn.com/ Name: ts
Value: 1705129313
.w55c.net/ Name: wfivefivec
Value: JBvctCsp1Roy1H5
.w55c.net/ Name: matchcasale
Value: 5
.go.sonobi.com/ Name: HAPLB8G
Value: s86132|ZaI1Z
.adtelligent.com/ Name: a754412
Value: 0000EEA
.adtelligent.com/ Name: a743293
Value: 8134709458298602181
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQU56eWhsdUVSaDJBWWJRRiIsImV4cGlyZXMiOiIyMDI0LTAxLTI3VDA3OjAxOjUyLjI1OTc4MTcwMloifSwiZ3JpZCI6eyJ1aWQiOiI0NzA5MzUyMC02ZmQ0LTQzN2EtOTgxMC05ZWIyYmM5NmE5ODUiLCJleHBpcmVzIjoiMjAyNC0wMS0yN1QwNzowMTo1My4yMjQ2NTU1NDJaIn19LCJiZGF5IjoiMjAyNC0wMS0xM1QwNzowMTo1Mi4yNTk3NjQ2NjlaIn0=
.creative-serving.com/ Name: tuuid
Value: 9731979f-463d-447a-9380-2e7af1c1ae49
.creative-serving.com/ Name: c
Value: 1705129313
.creative-serving.com/ Name: tuuid_lu
Value: 1705129313
live.rezync.com/ Name: sd-session-id
Value: .eJwNzEsKwzAMANG7aB0XyZY_8mVCiVUwSdwSp5uG3L1eDjzmgvmjx_5s2k7I5_HVCZatjuqQL-j1t-sKGTwxYmKx4sQToojAPUHX3uu7zbUMYzFq4JcYy84ZZoomuSJGWEtwS1EOnCmip3Eh-5CUAlu4_20NJMI.ZaI1YQ.r5krz7JqNy5lPPRg3MjjwnIJMKE
.adtelligent.com/ Name: vmuid
Value: 4584774d6289856b
.adtelligent.com/ Name: a307971
Value: ANzyhluERh2AYbQF
.addthis.com/ Name: na_id
Value: 2024011307015300033224514627
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 65a235612ba31d1e
.addthis.com/ Name: ouid
Value: 65a235610001b69f45a421c1d8e1528f1c0e93770517a1e8b96c
.amazon-adsystem.com/ Name: ad-id
Value: A6KvgLIBfELfswQQHitsSZI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.dlx.addthis.com/ Name: na_sc_x
Value: 1
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1WMsRGAMAzEjgGoMoe52P7YcdYhYSBKSsakggqOU6VCuqaZPReWUC5efE8m2YdhCxKoEsBOVXtQYHTTtQ8Y2hvJErUa5Ejf6MHOv_sNzjhDb2kAAAA
.3lift.com/ Name: tluid
Value: 1785470302504886276196
.adnxs.com/ Name: XANDR_PANID
Value: oUK1BfLqiYX8xpkECwYefUKP9-pxZcEEcf--BZw7883IEFbzsK42d2U910JWwZnFkZ0ervyW3qdipmFbdi8A_2B46s99RfvFHuLaOvfuStc.
.adnxs.com/ Name: anj
Value: dTM7k!M41.DYRWSF']wIg2GVVqKUrm!fsuh*q2X1Pl[gSnU+i7n#Dm(`pO_t5d`0H4/Ygo^Z:ol5e'ky)9xKXDpJ2U9T5_m!wxu%)eN*7
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxNzg1NDcwMzAyNTA0ODg2Mjc2MTk2IiwiZXhwaXJlcyI6IjIwMjQtMDQtMTJUMDc6MDE6NTVaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMTNUMDc6MDE6NTVaIn0=
.smilewanted.com/ Name: sw_user_params_infos
Value: bTSvQOyIpH6%2FK7l%2BqkMN0NdoxBCW%2FOr001MAo6aTspOebCYGpLjpTvcEQfupvowCT2oq1yyrWHjX077XYPYmFQZrB6wR2rucKls4UbRlog2LVETyUv2nu0bbwCNyVS5WKR4nieD3zkotKKHLCDYQ8OXh66j0MzRrD4GimTyUQNJpegkXCE7uBipH%2BlY6PbL6q2P002Zy4EVSyymxceaMew%3D%3D
.brand-display.com/ Name: _knxq_
Value: e00cf749-cb7c-9d1b-3843749d.1705129315.0.1705129315.1705129315
.ads.stickyadstv.com/ Name: UID
Value: fbc5ba8d7a571a8c9276ffd6c8329f16
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZaI1YPICIG-evZD1bvHNgwAABJ0AAAAB
.linkedin.com/ Name: bcookie
Value: "v=2&41c56434-c9ef-476e-8e5c-61055e08ecfe"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDUxMjkzMTU7MjswMjE95aTQwVG4BN9zZiZVzAO7FpH7eDY4UpUihlG/OnrE8Q==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2732:u=1:x=1:i=1705129315:t=1705215715:v=2:sig=AQHUg55e9hALbEZofgTJGHfOcMEUAqiE"

19 Console Messages

Source Level URL
Text
javascript error URL: https://my.evilmilk.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=81.95.5.40&r=https%3A%2F%2Fmy.evilmilk.com%2F' from origin 'https://my.evilmilk.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2194730263&i4=81.95.5.40&r=https%3A%2F%2Fmy.evilmilk.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.evilmilk.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://my.evilmilk.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://signal-segments.s-onetag.com/desktop/my.evilmilk.com
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=6f31e70e-a4af-4984-4e96-590375312a75&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://signal-segments.s-onetag.com/desktop/my.evilmilk.com/%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D96503f28aa14c8a3%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=96503f28aa14c8a3
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=6f31e70e-a4af-4984-4e96-590375312a75&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=cf51955f-9101-4169-6fb5-75eae02983eb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://services.bilsyndication.com/adv1/?q=47040a776bf0a34e9ce507c330d69a89(Line 7)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6f31e70e-a4af-4984-4e96-590375312a75&reqId=9d8e44c9-4508-4a3d-5b9a-7f752d09f4fa&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D0ce520e214d25a23%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=207e64f9-2433-4417-83d9-94ed63cde464%3A1705129312.988642&_=1705129312.991065
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://onetag-sys.com/usync/?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Donetag-pbs%26uid%3D%24%7BUSER_TOKEN%7D
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ap.lijit.com
api.cmp.inmobi.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.aralego.net
cdn.jsdelivr.net
cdn.pixfuture.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cmp.inmobi.com
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
config.aps.amazon-adsystem.com
connect-metrics-collector.s-onetag.com
cookies.nextmillmedia.com
creativecdn.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
d.turn.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
evilmilk.disqus.com
fid.agkn.com
fonts.googleapis.com
g2.gumgum.com
get.s-onetag.com
ghb.adtelligent.com
gum.criteo.com
hb.aralego.com
hbx.media.net
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
live.rezync.com
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
mp.4dex.io
mwzeom.zeotap.com
my.evilmilk.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prebidserver.pixfuture.com
px.ads.linkedin.com
px.vliplatform.com
region1.google-analytics.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s3.bilsyndication.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
services.bilsyndication.com
services.vlitag.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.aralego.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.quantumdex.io
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
token.rubiconproject.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
u.openx.net
udmserve.net
ups.analytics.yahoo.com
us-u.openx.net
us.shb-sync.com
useast.quantumdex.io
usermatch.krxd.net
usersync.gumgum.com
vjs.zencdn.net
www.evilmilk.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
api.rlcdn.com
bn01.er.bemail.it
fid.agkn.com
sync-tm.everesttech.net
sync.tidaltv.com
104.22.68.131
124.146.153.162
13.32.121.105
13.32.22.213
13.32.27.123
131.153.158.209
137.184.242.150
141.95.98.64
142.250.186.98
143.204.98.87
145.40.97.66
15.197.193.217
151.101.65.108
157.90.211.246
161.35.253.218
162.19.138.82
162.210.196.208
172.64.151.101
178.250.1.9
18.159.88.14
18.193.91.20
18.197.162.124
18.245.47.29
18.66.112.48
185.15.245.81
185.184.8.90
185.83.71.234
185.89.211.84
193.0.160.131
193.3.178.2
193.3.178.4
198.47.127.19
199.232.196.134
2.18.160.23
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
216.52.2.86
217.182.178.229
23.21.0.242
23.32.184.192
23.56.202.187
2600:1f16:e61:3f01:9802:108e:78ba:29ea
2600:9000:211e:8400:1b:5138:8a40:93a1
2600:9000:214f:be00:1b:cadc:ef40:93a1
2606:4700:10::6816:2460
2606:4700:10::6816:3262
2606:4700:10::6816:3ac7
2606:4700:10::ac43:2ac9
2606:4700:20::681a:492
2606:4700:20::681a:744
2606:4700:20::681a:8a9
2606:4700:20::ac43:47fe
2606:4700:3037::ac43:9e3b
2606:4700:3038::6815:eb68
2606:4700:4400::6812:22b2
2606:4700::6810:3965
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:acf
2607:ae80:4::26
2607:f350:3:2569:0:10:0:d
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a02:2638:3::c
2a02:fa8:8806:16::1400
2a04:4e42:200::649
2a04:4e42:400::729
2a04:4e42::300
2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f
2a0c:5c87:5241::2
3.120.236.239
3.124.134.82
3.224.6.94
3.71.149.231
34.111.113.62
34.111.131.239
34.160.19.107
34.160.236.64
34.251.251.86
34.252.157.161
34.252.210.232
34.96.71.22
34.98.64.218
35.210.239.72
35.227.252.103
35.244.174.68
37.157.3.20
37.157.6.237
38.91.45.7
44.209.190.13
45.137.176.88
46.228.174.115
46.228.174.117
50.31.142.255
51.89.9.254
52.1.112.24
52.2.229.240
52.210.15.1
52.210.29.170
52.210.40.9
52.46.155.104
52.50.95.115
52.58.3.175
52.72.177.11
52.95.115.196
54.210.237.164
54.246.208.24
54.78.254.47
65.9.66.68
65.9.66.74
67.202.105.24
68.71.249.118
69.173.144.139
69.173.144.165
72.246.169.24
75.2.13.80
76.223.111.18
77.245.57.72
8.2.110.26
8.2.110.33
85.114.159.93
91.134.110.136
95.101.149.233
96.46.186.59
99.86.4.128
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0
06a00ca3c896dccbfb0dd1ee8d9211b8ea77bd92fb6359dc79631973133f39c8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ce6bf44f1b8ed69b32605abc490bde0fe32d00366d68b4220f7564bbf0531a
07ee1a015ae900ca77e929037a577632e3ff5b40b9fe643acab2bf0c8a06cc11
092398580b52215cc29109c539abeb05596bd9105a62a07fe9af09fcee886c99
0959086c1458b1a0a9c99630cc49197a7b11f3f741dd87a07c6063f6302d890a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f6f0ed6c96f379c1cee89709cbf240aa4f02eaea0d993b2cf46cfd51b701f34
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
15b1621058d0a0e951b655b603299f50fc7dd47d24f05c35fca53a4267aa4621
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1aa813e6253ba444eda427b66e45d2055bd63b77c41bf1dfe48e5275e5583cbe
1c2439e0dc23c573dbf3706b2b9891b416ec734d92a653c55c1725484c7e1d6a
1e2b0c88b4ef6a8656e08120faf038cbb19ebc3c9b1473646aebff61136dbb2f
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2817631fa7e1057a016ee0be1c390648ba671f121643b3d435e6a8ee873c878f
28abfafb6d54becd3119c72fada9c7dff45a52fcfb376e248426e95ba95e179a
2934ed07214f8ef5ea11ac6b6c34d56eef6b55b5b180c0fc879ea212df8e7b25
2c35ad3146982cd844183dcfdaf0e11d48b88b198d49af3c2dcaa753df654a19
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f28c77029d9395a196cc259994f42d5a19a051b2af574f73c08770311584960
30484ec18746a1c6b571bad1d578d07369cc3742076a0995f15ee5e6bef9658b
3076b0170c1c677054812ae2dd1866460687aeab712a9304ba8dc019590b84e3
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
389e09221dad7fd413666711ce5e0c66d6ea1ea612c06b62af6445ad86bee3bf
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e07ced41b86569ec017ad04ad16b7a659510b9d4b270c3d4d2eb6f137fe8185
3ea194381d10da9e90de21735b51cbc6c898896323977a34fb53d55a4842a4c3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4153caed177a1910fb45b3cc71386e8e8e9b95f691b19f043431f9d518f2d025
41b0d89944236d450cc9e9e91e94e565aed22e3d01988fead8f10cf26516d48d
4369a3c9c0a9c5c312f58467e18b2a12e166ca4a1a96f2fbf98a8a9141223955
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452c3b2c31fa328eccdf0f75b91567d8dbf26edd88825a5f539f0202d26ff9a0
4628ec931909bc11a2f6cfd871f9c9e6084ea46f2c7a795e9cb71cfee60772dd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a27a322b62b032a45a665c6670b312af5a0da8e4951aeb9fa30f4487ff6b30a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c95f64414f1f198dda83b18d00bf63e030fc6fcfad0ce67992f9a3007dbd257
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d846d9bd82c80dffe1aa3cbb73e4af2dddefbb323f2cff2f28d125f6f401182
4e0180db13d4fc850a29340c6fb44a88835ee41f48c71f0f4e543785574fa954
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
539b9d041edf0a45679726348ec83c71667634d400cd5e574ec97e2530b0d009
548f247cbd690d30110ca40022fded7621a0b11f4213cf663eba8db745239649
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a5671e5ef71f33a83c9c5431ebf89569423516200f0c89395e93a4347d27ab
5945db634d3d5422613eede819c93d6f0da1dc900f7b8615f3ea6c8b60da0051
5a4c7a219afd706285884c6ccf2ea6e5e45334c11110fa00867a0401ac328147
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898
5d15d797a944132c825a29ee8119ae1ddc689d61c7e3b403120bdd50a491a875
600614b8b58fe6fc371bf83071a0ca1c27823ee0171ca57d9bf8b2abd8522326
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
63b51f8bd8e17196b61439ae388bcd2694839e31598ee117f9e2f414374028cf
63b57f1c807cff36d05a0cc7f364cf39cb6a00aa0769f35ed051c71e5519e804
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6aa590adf31b123565c39e5d856cf28cdf30f5d9aa6306330ff29f3aa409920e
6ad9d22aa576c308831f3eb3442930bfeb34914fd91648ee70f0f340b5953fd4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
6db9cf077271c4f9a07b7b9f7012e4659e9deec1517f1ffff4f62c7fc8a77e11
701ba6da6573aaa3535dc228e659e8a1587dff868e3415ff44ad44617b0e8b27
71ac4b75bcb81fd768623217446af6a11740fb2af42b398079b56714304007e7
744770df053f0554c5ea22ca4b1167ce4b4b95545ad3d61ad6d47f148d5c26bd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7856a93722a98a3e36c028cf476b591676f4016e02398c816bb46a6ea87d5fdf
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c7ce9db71b051751b5f081bc2f590718f0b4facd3a27bdd4fc116af8341cba
7d856737e42b5badab19b9703fc6d38c8559ca6e473a564b1e808dcd66c2ccf5
7f1331692111a2b6ace14bf6135b4dd9acb114819bff767f17e4f2a1327fdd03
7f198f397655c940f8574a164704eb3a27a7314623656d57f0db435292441efd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85b59f786669f8918b872a0944b38de5d525bb59faf87c597853cace5d1de550
85d08c423d7b1693b88b86b53469bbfec779306a33f190fe2311d065974016a2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
885016056b9306512e9ed392acea870e48da147a30f6e6d7f0ca78ec766874a8
8b4cc53ccc27147b6197dc01839da3218a2d9d64033788e64c8e07a066929e76
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8f70fa61f7988f838d92697ead1485b2d2c0eb4c6282216aa717b829fe5affb7
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90846c04444111ad8310e91c11a10a38c22fa80989242696185506342ce989c4
910590bacce75ce181cd30d2921291d16a6fb427893d872fcad81d8f99b5cbb6
91130b4fb4e0abb4c17cada5bb77da991abdf8c682aabd6fa25a56484a5850aa
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
929f0951169f5f8aeda75cc244a601b1e5621f503134d01001b04b9fa4e96fb5
957ef24c41a21492f8e4bf181bbd2c011c0e290ecf151ab657810d8bd0d6994d
996475b79e75521bdff3e7f2f111434d0d89c213ab33456ca374f52ced8eb384
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e25e62146695a87c4118c520beeeeca3110ecab177afa9916cd71a702c48a63
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9f0bc499b816b8b4fd1f1740bc034cc4e9f691a5278b9f5fcb3092f5ff9e794c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f5299cde479d9dd932a72380d830e97f535994cfb38540bc60d4b534e8a0c0
a1961f71bfcad8a6b972671a1f5b7f4c39d5bc963a790487c649fad212c514d8
a61544bf1f5f6c8aaf3930d0f753c2247791c5bf0941c359573673da05b68ce8
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a6532c28262d4050152327d7cb95169ee76f8ad6efad5e8a96096579852c489b
a6ad6fb86ed4fd4fe930b5da17901f0f643579558b07022372d4758ba68c16e2
a7d369c5fba0689557ca341a00a45913d150ef9ddd454ed8ed0926892313cf12
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b326571812c0fa91583f17dc29136403309d0e32528eddb2f98dc8138a94d304
b3da537c2d27593256c3ec041940b8ab87611d6ad5de7d9a61aac9fd0bee592e
b40b9489c2730f2416282d63141e3a5f1a4a1c87df05d7c3095d5dfdf784c1f4
b7a89710c83d02d641be0d2d3cf60f2103eb8cadd9a05fa20e0c1eb88d378819
b95339db9127b9e6e5a604fcb6d8ada3de063e26b413ca22937266efa7834ce8
b9e9c613469cb7df9e2e88d02ae890256c961abfb20f1d2ce6a67a7124f04d57
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bee29a32ea5a0206cd8e7afa157bf0a170e907a44426f50e508bd33ede61fd15
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
c2146085c77c56d72d0ed540f3bcf8dbe969b0df5dfd6ee812d6e8f8192caef5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c405fa8845372427cb52e0b881566d493695a754aa2c3eb599b84ffee7fac0e7
c696e0b058138e41157ab0a7fdea44a11fddfa5235c6ac81a84aaf4ed931b1d8
c7c8fb30a25d83d934203ecd30e99d189a3905e3d2cddea0ff4c2d67c42f08a8
c839a0b02171ddc076c247aa0193d3e4058287a213d338b39bc43eb651ecfd78
c91929d763dbd98a0f92f6900610101c27d9eba6fa0d2ee56b3a073fbebf8414
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
ce31d9147aeedb8d7b68926c635c88287c12ebd6a2ce5509b58c796d923c5042
ceb30b70ddd0da966da095e7a99ff06fde3bf61900ab4e17cb8c302ae4735703
d6fc04ca30e860c73b8207220bdf0757c08de38ad5f84ffa9662bf24e5392292
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d91b57ef2ccbfbf592adda4d4f085d413008450b8552621f786d89d2d63f34a7
dc0b056369f902839f460699d62209a33bd95fd3b624660960ea7aa798b47875
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3163a66c8938870b831c6f2a90d0cddf9d98fdc913166b1bdc9594fb274b5ec
e360257438dea51257d0cf04e78cf8b98bf2ef1322fe15703c5fc462773c7126
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bafeaaf68a33a482c778ea55adaa9a4e4203b9210ba4c5dc0755c2094b2e65
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebd71ba9eaf11215076c5d7c5a1008c41c62df60cd56a85fec1e4ca27cd5fc53
ee6f3cd75f489dae92e1fe88dd79bf588445e10be056a751f301b24edfdca78b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaf4ad41f657cd1dc07408a59160cafa496db36c8ed259bff15ab87d80643d5
f0038b8065bf716b91d469addb1c35fc056b84f9668f06fb64fdc02529dd99f8
f19c2ce9d8e7a098a72218784daa3336efe3d1b6bd253d4ca8094827fc41bd22
f3323bb70bcd56b6f14d58f49d38adfc82ecd5bffef935214bcc242289e419ff
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f62a1e2cbae75ba7f6eb6089836106c92f2417f06e6df7ff478631a9e9a13a6f
f6953d051c837d4cf8fc462c207aecc0b92dc67c65a7575c29a522b191086c86
f7f3855adb8a03a74171e67756395c432a5adbe67c98801d6280530cebd27b22
fa2e4d3e22dc72f88b52ef2033c8fe6f8b6624ae48e98bd0251f14eb0a1fd613
fca05be564a0f1988ddd3fa28634a7ed2836e1f9d6f9108295de1def2a9b5cde
fd05441bcafb46a68769a87051c8c63495fe8bee66612b37300e804aeb94aa74
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ffe970a04c609cdda0d904680efb91b3d434417c1ab4489f8cc5fccba2275bf7