urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/sxanhomm
Submission: On August 30 via manual from ID — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 17 countries across 109 domains to perform 388 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 228335.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.10 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 172.217.23.102 15169 (GOOGLE)
1 68.183.51.111 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
16 52.51.73.145 16509 (AMAZON-02)
2 8 51.89.9.251 16276 (OVH)
4 2602:803:c003... 26667 (RUBICONPR...)
1 178.128.135.204 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.255.84.151 200271 (IGUANE-)
5 81.17.55.98 60781 (LEASEWEB-...)
6 9 185.89.210.122 29990 (ASN-APPNEX)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 23.197.120.249 16625 (AKAMAI-AS)
10 23.218.210.30 16625 (AKAMAI-AS)
5 5 69.173.144.139 26667 (RUBICONPR...)
3 34.149.40.38 15169 (GOOGLE)
14 47 142.250.184.226 15169 (GOOGLE)
5 7 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.46.151.131 16509 (AMAZON-02)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
2 4 67.220.224.144 16509 (AMAZON-02)
9 3.33.220.150 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.24 32748 (STEADFAST)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
1 2600:9000:224... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
5 7 2001:678:cb4:... 56396 (AMOBEE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 4 35.186.193.173 15169 (GOOGLE)
1 3 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
4 9 104.18.39.155 13335 (CLOUDFLAR...)
3 4 185.86.138.154 201081 (SMARTADSE...)
1 1 185.29.134.244 30419 (MEDIAMATH...)
4 4 52.50.63.74 16509 (AMAZON-02)
5 5 76.223.111.18 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
3 3 3.74.29.98 16509 (AMAZON-02)
3 3 213.155.156.180 1299 (TWELVE99 ...)
3 5 198.47.127.19 62713 (AS-PUBMATIC)
6 2a02:2638:3::10 44788 (ASN-CRITE...)
13 2a02:2638:d::2 44788 (ASN-CRITE...)
1 178.250.7.9 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.76.148.198 16509 (AMAZON-02)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
8 8 18.196.113.49 16509 (AMAZON-02)
2 2 35.186.253.211 15169 (GOOGLE)
1 2 184.30.25.51 16625 (AKAMAI-AS)
2 4 216.52.2.16 30282 (AS-INAPCD...)
1 2600:1901:0:7... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 3 2.20.213.154 16625 (AKAMAI-AS)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 145.239.193.130 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.9.22.61 16509 (AMAZON-02)
1 18.66.147.120 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
2 18.170.168.253 16509 (AMAZON-02)
5 2.18.96.187 16625 (AKAMAI-AS)
1 1 178.250.7.11 44788 (ASN-CRITE...)
1 13 198.47.127.205 3257 (GTT-BACKB...)
10 185.64.191.210 62713 (AS-PUBMATIC)
2 2 54.158.55.205 14618 (AMAZON-AES)
2 3 151.101.66.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
6 6 52.212.242.190 16509 (AMAZON-02)
1 7 185.86.139.104 201081 (SMARTADSE...)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
3 3 35.214.243.232 15169 (GOOGLE)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 72.251.241.196 32475 (SINGLEHOP...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.186.154.107 396982 (GOOGLE-CL...)
1 1 141.95.171.141 16276 (OVH)
2 2 141.94.171.216 16276 (OVH)
2 3 52.50.102.52 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.55.229.9 14618 (AMAZON-AES)
3 4 37.157.3.30 198622 (ADFORM)
4 4 3.71.149.231 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 18.185.199.180 16509 (AMAZON-02)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 188.166.17.21 14061 (DIGITALOC...)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 2.18.96.175 16625 (AKAMAI-AS)
1 23.218.208.23 16625 (AKAMAI-AS)
1 143.204.9.59 16509 (AMAZON-02)
3 4 64.74.236.191 22075 (AS-OUTBRAIN)
3 18.157.60.246 16509 (AMAZON-02)
4 4 35.244.159.8 15169 (GOOGLE)
1 99.81.44.5 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 18.208.74.11 14618 (AMAZON-AES)
1 1 216.52.2.91 32475 (SINGLEHOP...)
9 9 46.228.174.117 56396 (AMOBEE)
1 1 69.166.1.35 27630 (AS-XFERNET)
2 2 147.75.84.158 54825 (PACKET)
1 1 95.101.196.17 16625 (AKAMAI-AS)
1 1 8.2.110.24 46636 (NATCOWEB)
2 2 185.255.84.153 200271 (IGUANE-)
2 2 44.199.83.133 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 23.35.228.23 16625 (AKAMAI-AS)
1 15 34.247.205.196 16509 (AMAZON-02)
2 2 35.210.239.72 15169 (GOOGLE)
2 3 64.202.112.63 23352 (SERVERCEN...)
1 1 52.5.219.198 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 2.16.97.13 16625 (AKAMAI-AS)
1 1 124.146.215.49 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 3 198.47.127.18 62713 (AS-PUBMATIC)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
11 54.247.40.125 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 1 193.108.153.21 20940 (AKAMAI-ASN1)
1 54.229.162.154 16509 (AMAZON-02)
1 23.88.86.2 ()
1 2606:4700:10:... ()
1 1 141.94.171.213 ()
388 109
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
3    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn4.buysellads.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
12    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net
ad.doubleclick.net
1    68.183.51.111 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-23.buysellads.com
srv.buysellads.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
16    52.51.73.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
ads.servenobid.com
8    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
brightcombid.marphezis.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
5    81.17.55.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
9    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
4    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
token.rubiconproject.com
3    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
47    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    2a05:d018:d29:3605:999f:1d55:f8df:b156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
21    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2600:9000:2248:f000:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cti.w55c.net
1    2600:9000:2491:e600:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.w55c.net
1    154.58.197.185 (Mumbai, India)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com
t.hspvst.com
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
3    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
9    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    52.50.63.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-63-74.eu-west-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
5    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    3.74.29.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-29-98.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
13    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    3.76.148.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-148-198.eu-central-1.compute.amazonaws.com
i.w55c.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    18.196.113.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com
sync.teads.tv
4    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
4    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
3    2.20.213.154 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-213-154.deploy.static.akamaitechnologies.com
www.awin1.com
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    3.9.22.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
track.webgains.com
1    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    18.170.168.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-168-253.eu-west-2.compute.amazonaws.com
api.webgains.io
5    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
13    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    54.158.55.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-55-205.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    52.212.242.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-242-190.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
7    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
3    35.214.243.232 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 232.243.214.35.bc.googleusercontent.com
csync.loopme.me
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.95.171.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh
green.erne.co
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel-eu.onaudience.com
3    52.50.102.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-102-52.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.55.229.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-229-9.compute-1.amazonaws.com
a.audrte.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    18.185.199.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-199-180.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
4    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    2.18.96.175 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-175.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    143.204.9.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-59.mxp64.r.cloudfront.net
public.servenobid.com
4    64.74.236.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    18.157.60.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-60-246.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
us-u.openx.net
u.openx.net
1    99.81.44.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-44-5.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    2600:9000:223f:a200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    18.208.74.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-74-11.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
9    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
hbx.media.net
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    44.199.83.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-83-133.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hblg.media.net
15    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    52.5.219.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-219-198.compute-1.amazonaws.com
sync.ipredictive.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    2.16.97.13 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-13.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
11    54.247.40.125 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    54.229.162.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
1    141.94.171.213 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
239 KB
39 googlesyndication.com
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
167 KB
39 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 512
image6.pubmatic.com — Cisco Umbrella Rank: 752
ads.pubmatic.com — Cisco Umbrella Rank: 513
simage2.pubmatic.com — Cisco Umbrella Rank: 794
image2.pubmatic.com — Cisco Umbrella Rank: 895
image4.pubmatic.com — Cisco Umbrella Rank: 1151
image8.pubmatic.com — Cisco Umbrella Rank: 653
simage4.pubmatic.com
54 KB
31 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
eus.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2179
token.rubiconproject.com — Cisco Umbrella Rank: 597
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110
66 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 34772
ad4m.at — Cisco Umbrella Rank: 12393
assets.ad4m.at — Cisco Umbrella Rank: 44002
1 MB
21 criteo.net
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10696
static.criteo.net — Cisco Umbrella Rank: 603
csm.eu.criteo.net — Cisco Umbrella Rank: 10389
196 KB
17 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2295
public.servenobid.com — Cisco Umbrella Rank: 4549
10 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
usersync.gumgum.com — Cisco Umbrella Rank: 1853
5 KB
16 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1594
ssbsync.smartadserver.com — Cisco Umbrella Rank: 777
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 682
14 KB
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 228335
345 KB
12 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4792
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3806
7 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
secure.adnxs.com — Cisco Umbrella Rank: 450
acdn.adnxs.com — Cisco Umbrella Rank: 578
24 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1377
6 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
2 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
3 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
6 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 767
ads.eu.criteo.com — Cisco Umbrella Rank: 10282
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 11410
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 19450
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
dis.criteo.com — Cisco Umbrella Rank: 596
61 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
4 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
4 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 834
r.turn.com — Cisco Umbrella Rank: 3871
3 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 564
3 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 751
eu-u.openx.net — Cisco Umbrella Rank: 2529
us-u.openx.net — Cisco Umbrella Rank: 478
u.openx.net — Cisco Umbrella Rank: 670
2 KB
6 w55c.net
cti.w55c.net — Cisco Umbrella Rank: 3733
ads.w55c.net — Cisco Umbrella Rank: 13163
pm.w55c.net — Cisco Umbrella Rank: 854
i.w55c.net — Cisco Umbrella Rank: 2115
70 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1471
mp.4dex.io — Cisco Umbrella Rank: 2303
u.4dex.io — Cisco Umbrella Rank: 4014
30 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
ce.lijit.com — Cisco Umbrella Rank: 857
2 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 388
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
283 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
21 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
228 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 546
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3398
casale-match.dotomi.com — Cisco Umbrella Rank: 2949
1 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3237
c1.adform.net — Cisco Umbrella Rank: 591
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2537
3 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2071
ad.360yield.com — Cisco Umbrella Rank: 701
1 KB
4 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50826
ipac.ctnsnet.com — Cisco Umbrella Rank: 5694
2 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1307
contextual.media.net — Cisco Umbrella Rank: 666
hbx.media.net — Cisco Umbrella Rank: 1253
hblg.media.net — Cisco Umbrella Rank: 2065
10 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1014
9 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
1005 B
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 623
i6.liadm.com — Cisco Umbrella Rank: 2522
2 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2190
cs.yellowblue.io — Cisco Umbrella Rank: 2392
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
103 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
1 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19653
pixel.onaudience.com
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
719 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
3 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 692
899 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 30936
api.webgains.io — Cisco Umbrella Rank: 76621
18 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18330
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4396
865 B
3 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1998
691 B
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4109
visitor.omnitagjs.com — Cisco Umbrella Rank: 944
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
247 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 570
701 B
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4628
909 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
226 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1239
983 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 706
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25640
497 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 812
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1326
606 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
1 KB
2 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 167849
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 137423
4 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 756
958 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 1949
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1048
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
6 KB
1 zeotap.com
mwzeom.zeotap.com
439 B
1 truffle.bid
matching.truffle.bid
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 537
571 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4078
462 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1188
836 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 584
768 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1052
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 925
465 B
1 admanmedia.com
cs.admanmedia.com Failed
sync.admanmedia.com — Cisco Umbrella Rank: 3059
366 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 929
623 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1651
160 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518
555 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6505
347 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31522
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2898
642 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5941
276 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1395
283 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2773
308 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1476
552 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 92540
15 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49150
2 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 90611
493 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47866
466 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76377
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 70829
330 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 70577
184 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1098
775 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6964
550 B
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 180513
928 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1064
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
649 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1754
436 B
1 marphezis.com
brightcombid.marphezis.com — Cisco Umbrella Rank: 14419
225 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 19754
711 B
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 18827
152 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 adotmob.com Failed
sync.adotmob.com Failed
388 109
Domain Requested by
47 cm.g.doubleclick.net 14 redirects eus.rubiconproject.com
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
pastelink.net
g2.gumgum.com
21 tpc.googlesyndication.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
pastelink.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
16 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
15 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
13 simage2.pubmatic.com 1 redirects ads.pubmatic.com
13 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
cdn4.buysellads.net
13 pastelink.net pastelink.net
12 assets.ad4m.at as.ad4m.at
12 pagead2.googlesyndication.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
pastelink.net
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
11 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
10 image2.pubmatic.com ads.pubmatic.com
10 eus.rubiconproject.com pastelink.net
eus.rubiconproject.com
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
9 match.adsrvr.org eus.rubiconproject.com
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
ads.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
8 x.bidswitch.net 8 redirects
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
pastelink.net
as.ad4m.at
ad4m.at
8 onetag-sys.com 2 redirects cdn4.buysellads.net
pastelink.net
public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 sync.1rx.io 7 redirects
7 rtb-csync.smartadserver.com 1 redirects public.servenobid.com
ssbsync.smartadserver.com
7 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
7 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
7 www.google.com 1 redirects pastelink.net
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 match.prod.bidr.io 6 redirects
6 imageproxy.eu.criteo.net 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
ads.eu.criteo.com
6 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ads.pubmatic.com pastelink.net
ads.pubmatic.com
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 eb2.3lift.com 5 redirects
5 ssum-sec.casalemedia.com 3 redirects public.servenobid.com
ssum-sec.casalemedia.com
5 ad.turn.com 5 redirects
5 www.googletagservices.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
pastelink.net
5 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 ib.adnxs.com 2 redirects cdn4.buysellads.net
acdn.adnxs.com
5 prg.smartadserver.com cdn4.buysellads.net
4 b1sync.zemanta.com 3 redirects
4 ups.analytics.yahoo.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 ap.lijit.com 2 redirects public.servenobid.com
cs-rtb.minutemedia-prebid.com
4 secure.adnxs.com 4 redirects
4 ssbsync.smartadserver.com 3 redirects public.servenobid.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 fastlane.rubiconproject.com cdn4.buysellads.net
4 fonts.gstatic.com fonts.googleapis.com
3 image8.pubmatic.com 3 redirects
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
3 c1.adform.net 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 csync.loopme.me 3 redirects
3 bh.contextweb.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 www.awin1.com 1 redirects as.ad4m.at
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 d5p.de17a.com 3 redirects
3 pm.w55c.net 3 redirects
3 match.360yield.com 3 redirects
3 tr.blismedia.com 1 redirects 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
3 gcm.ctnsnet.com 3 redirects
3 u.4dex.io eus.rubiconproject.com
ads.pubmatic.com
3 ad.doubleclick.net 2 redirects pastelink.net
3 api.btloader.com btloader.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com pastelink.net
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
2 ads.betweendigital.com 2 redirects
2 creativecdn.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 casale-match.dotomi.com 2 redirects
2 i.liadm.com 2 redirects
2 visitor.omnitagjs.com 2 redirects
2 prebid.a-mo.net 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 eu-u.openx.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 api.webgains.io analytics.webgains.io
2 gum.criteo.com 1 redirects static.criteo.net
2 sync.teads.tv 1 redirects pastelink.net
2 rtb.openx.net 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 googleads.g.doubleclick.net 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
2 cms.quantserve.com 1 redirects 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
2 r.turn.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 ad-delivery.net pastelink.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com pastelink.net
ads.eu.criteo.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 matching.truffle.bid ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ads.stickyadstv.com 1 redirects
1 u.openx.net 1 redirects
1 ads.playground.xyz 1 redirects
1 tg.socdm.com 1 redirects
1 ad.360yield.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 us-u.openx.net 1 redirects
1 hblg.media.net contextual.media.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 sync.admanmedia.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 ce.lijit.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 public.servenobid.com cdn4.buysellads.net
1 contextual.media.net cdn4.buysellads.net
1 acdn.adnxs.com cdn4.buysellads.net
1 match.adsby.bidtheatre.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 t.adx.opera.com 1 redirects
1 dis.criteo.com 1 redirects
1 mug.criteo.com
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 www.conrad.de as.ad4m.at
1 pv.medialead.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 rtb.fr3.eu.criteo.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 i.w55c.net 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 sync.mathtag.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects ads.pubmatic.com
1 t.hspvst.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 ads.w55c.net 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 cti.w55c.net 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 ads.eu.criteo.com 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
1 ssc-cms.33across.com pastelink.net
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 cadmus.script.ac script.4dex.io
1 hbopenbid.pubmatic.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 brightcombid.marphezis.com cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 btloader.com cdn4.buysellads.net
1 www.gstatic.com www.google.com
1 cdn4.buysellads.net pastelink.net
0 uipglob.semasio.net Failed
0 cs.admanmedia.com Failed public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.adotmob.com Failed
388 176
Subject Issuer Validity Valid
*.pastelink.net
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn4.buysellads.net
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-25		 a year crt.sh
ads.w55c.net
Amazon RSA 2048 M02		 2023-07-19 -
2024-08-16		 a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
pv.medialead.de
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-08-25 -
2023-11-23		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 78 frames:

Primary Page: https://pastelink.net/sxanhomm
Frame ID: 9FDABA4F3786D0EE07B3A945E24EBD35
Requests: 75 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: AF6D2924702281FC6F0FF2AE7993EFBD
Requests: 11 HTTP requests in this frame

Frame: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 81D33375F12B8B76AF117D1F8BAEAC4C
Requests: 1 HTTP requests in this frame

Frame: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35993151E9E164179393DC50835A8011
Requests: 10 HTTP requests in this frame

Frame: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7FABFDD447ABB0826B23C76F6E1E8D35
Requests: 10 HTTP requests in this frame

Frame: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 88919C87FE905287EF34D096CE935B8A
Requests: 13 HTTP requests in this frame

Frame: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADBC7D91645DA80EA993B5A1F0B50EC2
Requests: 3 HTTP requests in this frame

Frame: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6CAFC1E386562F2E96654FC586E70A4C
Requests: 9 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 839F8C642C5D8EA88B258440EE0FC157
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k8c5syrwpc963gk1sdr2m063759pe6jw8qqng7nqxkkhn5gm4aqvrbj22aatcm8g3bygt47znr8yrktbhykamdzjh6tp4damcz5ak2hm1r81r0myskfxm407171e8h6zbkbbg2q4c0t9zvvjsfyjmzmqf48tbkrsk020mg8qzsr0ww6bszfm63c4v8esf8enf5pg8nk2wxv9vms0ws028skhrzq1p9zvzmrmwj3e2dewmf79b1k3dtazds95840jd5tn9tw196fm8wyps5zmevxyepxwzq56412rkbhzhk0631c36fhj9rpcs9eec1ddv0sr463q72v0zak0mp9xcdgahhxj1sn8she64ad11bkzjvwyzdfm6c97fn5yrrrgewtxy3f9cffks724qcftsw4h3q89ew7bh1fax21s6zmpe25ydremtyyptq7ddt8s36eqq3y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: F20604892F09F0A07885F6B3AC519056
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF62155FC3C58C6D50C389BDDE3C7B53
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: 38545EE72AFEB6670D4EA11A8A7BAD89
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC07D893FE6E61261519FDF6D719F7E7
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h33fepgem43ras8hz4z8yjxdash8g51809f30cna4ptd0yv7739rhpxh0bc04xen820gx8qfayt3wcn8hpz22pcprsch1b80qmeavxq73z5kagnm16jcw91h27wesgb17ssdt7yv354jttaj020htw16k83kqqdcs9em1pvngxcdedp182b5ek2a7z256rq8ar62x7v621q7qazs44qbtq2zhn28cf1ad9jq8jsrbef24f1tqwjx76serzd20adrgxakxnmp88a8pbk8g6fgbqkmhgg3qb4g303yqp673qc00g2j1cckpr5te6ffrw33k7bbhd2srx6dm375d7exapq6b1jh8tyacnw7e0q9dt790msz8d80m6t6b56vyx216jqek8g9r91eety8wqhcc64hk42875w56bnzgzg62g039w8y0rr9g6wqpgbg98kgvj9dzr7pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: 8FE55837507C87EA9548F2AC51722916
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: 421DD03E6BAD7200E8F6D0D578D85A5C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DBF7FE376DF553424CA80F9D231683A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A440802D9C0007B0FD6B3B9A62E11F11
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA2BC85F9D8AF29293D52560EE2931B6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A8DA2D63CD82484A9F4A73588362D07
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 52A8037001688BB3B24786FAE786ECB0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0727C5D3EFADCCC013DBD37EB8D1470D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Frame ID: A114FF5A08017B712F3BB56628A30387
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Frame ID: DD99F7D6E995F6B8BDD863139F37C498
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 1745833D0742F275DC93FC3F300FD9A0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 3D60543877E5B1543640D36BEF5388AA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C47EC7C19B4C4775EF40D3429D72515
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26DA82B83D6A74C4F79BAA2B6A0A8032
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: A73F9A887BC7EC0B3448ABDF459AD3C2
Requests: 23 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: EDA61A33FB84EB0BEB2D2AFC106E1D23
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&redir=true&gdpr=0&gdpr_consent=
Frame ID: E65A874D5868FA49FB2F6C66B4E704FE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6
Frame ID: A1C2BACAE5CC471F4187DA2FEEED6517
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8922632082486160958&gdpr=0&gdpr_consent=
Frame ID: 569EDCC9C1C8D296D572A08D1D2891C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273227640611928218&gdpr=0&gdpr_consent=
Frame ID: 872EE4B4055996EE9DB319A7F4908F5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MbtkqGTcW2dNwrNZRB8WaLAKa-0&gdpr=0&gdpr_consent=
Frame ID: 4E7F52520730B6BF36CB387459F91F2B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO_yAwAMosSvAQAb
Frame ID: 64AAF3958F6715C40D61D6E64499AE3D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
Frame ID: B0A3FE045A3CDF57BF75A401233B58A6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEs7U7J32QAACVfjqi53Q&gdpr=0&gdpr_consent=
Frame ID: EEB1DC1981D0EE3644928638240F5D8E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: ACE96EC70DDD3E80EF628742E5557D6B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926951602493
Frame ID: 5AF94F92F1F6C7A7BA4A53BB45C1A04A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
Frame ID: D27418C536E6B992DE47442B615E677B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 851DA272332A9557B45A78D3161708A9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4587697792382255801
Frame ID: 49FAC0665D460937E59EA599447B2ADC
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 11E8961818AFD1B79178F85C7E6C3937
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: DCA7204D394291359E87680C60868018
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cih5oky3kh7
Frame ID: 524D207AB0B45CA7331C0795E0038EE0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMgXgVUYgQWjYhWjg&gdpr=0&gdpr_consent=
Frame ID: 33C866447C702F22C38E3506945EDE8D
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Frame ID: F7E66894CDA0AF9E1C917DAAEBEB2FA4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3F808B914B53E3218EF11CDA35DE0738
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A5BE4DEB92F6B5C3A82CB28926AB0B0C
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 71F831C9AD36A689F8DA5010145B541F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 3127A88111683F47F3C7F396C6B363ED
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: AC5F0587CE27A22BB749C972B733A3CA
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693430272163
Frame ID: B67B3C593DC435AF536CBC7CCE643B9D
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 02E64801C23EC2F67AFC6DD17D9146E5
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 4F8FF6923E27C8FC34BC302C6543D103
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: BEAB2E83F07AC849181367D111003797
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 60A4EECC9C655821BC0370675F24B1D3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 859F8B17E4F48000CF1BAEFF3BBFED8B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: FC9AB3B9712CA027CE3AE69A76B5D5C1
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 674C37AC3DCB212ADE315940E0A8931A
Requests: 14 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 27952C5B8241D3D9173A1E15AB404181
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 23C4A49F61152D4A22B59AE8D6323724
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZO_yAwAMosSvAQAb&gdpr=0&gdpr_consent=
Frame ID: 113C0A98BE9FD3A2F86309945462AAB7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wZWNiMjNmOC0xOTgxLTQxNTQtOTE4Zi0zZjJhYTZlODY4NjY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 8BD1FE6BA4246E323C61F5299E778700
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2D376AEC7E3E29473E1A4B3E589A4FF0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: E74F47B6B622E491CE5959BE613F0E06
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZO.yBMCo8XcAALUOgEsAAAAA
Frame ID: C8775CDC37FE6FCEBA227B8662F3580F
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: FE61D8050070830B61C55D8EB24739F3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=60DwKxBWxnvwV0l2VsK3&pi=gumgum&tc=1
Frame ID: 4C0B321312CB5F64165C803FBC2A4480
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E54734F43D3888DC54F6D5690411BD19
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Frame ID: C9F4A51F67C5FEA33A3AA90F705AE749
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Frame ID: 9F4C6D637366A678806D19FA8B3F1A35
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
Frame ID: 41586B703ADBB21C623901EE29A41E56
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D8EF5B22DF33F728E73E4462265BE8F7
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BB95B1BF50C2AA1320119F5742305A61
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1310393143
Frame ID: 1CFF21DDC41C2485D673A7346EA7AB24
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA90B719F30A43B2ADCE52BA483C8E27&gdpr=0&gdpr_consent=
Frame ID: ABD2BA994F82AA1C2AF1F1C001001A99
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Frame ID: 0582F877B6A658BD5987B59A262E6349
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kompak4d Daftar Situs Penyedia Games Resmi Paling Lengkap - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

388
Requests

72 %
HTTPS

27 %
IPv6

109
Domains

176
Subdomains

109
IPs

17
Countries

3727 kB
Transfer

7383 kB
Size

177
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Request Chain 63
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LLY8NSMS-J-C6EW HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LLY8NSMS-J-C6EW
Request Chain 64
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZOE5TTVMtSi1DNkVX HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED93_7i2yKgHB2gCs_ydnLk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZOE5TTVMtSi1DNkVX&google_push=
Request Chain 65
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYIbAWfTgEesuci3wgZSdw&google_cver=1
Request Chain 66
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY8NSMS-J-C6EW
Request Chain 67
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gX_GXqiPThmjjr4c2B_DYQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gX_GXqiPThmjjr4c2B_DYQ
Request Chain 68
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xiKzSr-3ZdzmgI7zeTSNHQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ojXFItlE2oJ8AzgviDHBxhB_w8u8ne2ETtCLUA--~A
Request Chain 69
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=f4lLgH2QR1K7R3QYq1_XNA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f4lLgH2QR1K7R3QYq1_XNA
Request Chain 71
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhMDZkODg4ODdiNTNmZWY3YTUxZjY2MWJiMzJmZmIzM2E0MmMwZQ
Request Chain 118
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1&google_push=AXcoOmTQ-_hiUsiaDoqEsy6nV0pDPS1sQxkKbC1Nn2OTWMQJep2FIkfsC3m6lrz8TAyNPYEGsnyRqb3vo1Z7nuqBXU-LvX6McX0l HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkxOTAyMTczNjUzNDM5Mjg1MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
Request Chain 119
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELx9RsRO3-647VlreNwZML4&google_cver=1&google_push=AXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9RsRO3-647VlreNwZML4&google_cver=1&google_push=AXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 120
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIuTnwFzaM0LpgyoqQJpWcI&google_cver=1&google_push=AXcoOmR9yt-znd3veubnXv5aGW-Aai_jsUw3dQ_pVU02IB2Fl9sabmEN1NQ0TZCYh27HKwtOeRaORae1x8QbrsCpVTEjDVUWKevw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9yt-znd3veubnXv5aGW-Aai_jsUw3dQ_pVU02IB2Fl9sabmEN1NQ0TZCYh27HKwtOeRaORae1x8QbrsCpVTEjDVUWKevw&google_hm=psLVJqHIRX2JmFqWC5lBGu0
Request Chain 122
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDeCoIyFAPO9errWhig6nUA&google_cver=1&google_push=AXcoOmTrpjWz4U9Haz5bEtPcwFO6Kv5fexKVFOB__2g8_cK9hXezrd4nfAb1d_oA3Jh3rY64cTqJ1hfplH1mSPL-M8u0UpNsIFg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Hhy4d4lPROambJIN_5agBQ2&google_push=AXcoOmTrpjWz4U9Haz5bEtPcwFO6Kv5fexKVFOB__2g8_cK9hXezrd4nfAb1d_oA3Jh3rY64cTqJ1hfplH1mSPL-M8u0UpNsIFg
Request Chain 123
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_cver=1&google_push=AXcoOmTIn1Z2Nd_rfPTL1uHEn-fpG3b_IHKAXIanJRMJMkHqYd3d-lT1XsOMDhwCZqu9rd9J7IcwnLp1dAdkF9xPYaPrqzzgpWE HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_push=AXcoOmTIn1Z2Nd_rfPTL1uHEn-fpG3b_IHKAXIanJRMJMkHqYd3d-lT1XsOMDhwCZqu9rd9J7IcwnLp1dAdkF9xPYaPrqzzgpWE&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_hm=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&google_nid=index&google_push=AXcoOmTIn1Z2Nd_rfPTL1uHEn-fpG3b_IHKAXIanJRMJMkHqYd3d-lT1XsOMDhwCZqu9rd9J7IcwnLp1dAdkF9xPYaPrqzzgpWE
Request Chain 124
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGMTf9j5lK71958aRaXG_Os&google_cver=1&google_push=AXcoOmQPAiRphfP9B8dw6fUfRTFC3nv06Wx7Uwne2LmmsjRytG8IoxME8vU1uJr-cHndEE7T49JVgXG4O1XfAHF8XwT27Rja8PWd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQPAiRphfP9B8dw6fUfRTFC3nv06Wx7Uwne2LmmsjRytG8IoxME8vU1uJr-cHndEE7T49JVgXG4O1XfAHF8XwT27Rja8PWd&google_hm=NTgyNDQ4OTY3OTg1MDE1MTIwOA%3D%3D
Request Chain 126
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1&google_push=AXcoOmTn4zy5gV8GPMjfxVh5LmNxkTNQ6fb3KHPVQnr8l_7dOolVtBZir7GRmA8sko6pkXhdlKtW3udk9FKG9xmpMjkbgmUIKWVX_w7zKu0YfJpVJtRPlPGts-rzq1sgcEuHfMjHAPYdzowh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk5MTA3OTMzMDU3MjMyMDc4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
Request Chain 127
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKRUj9u7yKZ_lu2TD9NEz3U&google_cver=1&google_push=AXcoOmR70woUXhQ6vsQwErso93U6W6kqgIY37n29zOoT1x7dHO8UYvVamyrWxsFXS4yhiPVujJPyncLGMvG9j9SpZHPXyFFtM_NbHKwY69SDltogn8fWRCWgZGI8zIt-IEC8wXIOtrnYGiT7-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR70woUXhQ6vsQwErso93U6W6kqgIY37n29zOoT1x7dHO8UYvVamyrWxsFXS4yhiPVujJPyncLGMvG9j9SpZHPXyFFtM_NbHKwY69SDltogn8fWRCWgZGI8zIt-IEC8wXIOtrnYGiT7-Q
Request Chain 130
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEHrUbeQS7TiGmVrFXvxFqo&google_cver=1&google_push=AXcoOmSqXz1fB7T37z1Jhvy9Whgts816Gwp00eJeQmn9qQK56w6PquPemcNbBQb65slsf94gOCb9pMHn8gj3TnI5VavIq7ESTwOaQTDyIi2sEEgFDKJBQ6oCcfepN0IEwqIu0Dj0uGIdhfqr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqXz1fB7T37z1Jhvy9Whgts816Gwp00eJeQmn9qQK56w6PquPemcNbBQb65slsf94gOCb9pMHn8gj3TnI5VavIq7ESTwOaQTDyIi2sEEgFDKJBQ6oCcfepN0IEwqIu0Dj0uGIdhfqr&google_hm=eS1Pa0xLYlBGRTJwSFp2VXNVblFJT0NZLnFBd2h5RWtJRH5B
Request Chain 131
  • https://match.360yield.com/match/ebda?google_gid=CAESEMRlIThRvLPcZu1275AoMl0&google_cver=1&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr9EkHVrQJ60ofo06h7DayJeh-80kqFFOivc5BFjXgbWdErcrSmhEyFYSD HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMRlIThRvLPcZu1275AoMl0&google_cver=1&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr9EkHVrQJ60ofo06h7DayJeh-80kqFFOivc5BFjXgbWdErcrSmhEyFYSD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr9EkHVrQJ60ofo06h7DayJeh-80kqFFOivc5BFjXgbWdErcrSmhEyFYSD
Request Chain 132
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENd1Z5YEPDlTwOtdO4G4_iY&google_cver=1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJbPQ7zscxMp8_aoFTezmyiO1t7eJ_Xikyw0kdAVbFAfrkchJfQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJbPQ7zscxMp8_aoFTezmyiO1t7eJ_Xikyw0kdAVbFAfrkchJfQ&google_gid=CAESENd1Z5YEPDlTwOtdO4G4_iY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJbPQ7zscxMp8_aoFTezmyiO1t7eJ_Xikyw0kdAVbFAfrkchJfQ
Request Chain 139
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmSk31ufgC8QBML3LCnixftDDmPDbjLx-CFS9-r7ZrqPmc2JWLo0zz6jGrXzgiN28wnNsQOyhp_OWUkFCzb5jTpWOgUncAjG HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmSk31ufgC8QBML3LCnixftDDmPDbjLx-CFS9-r7ZrqPmc2JWLo0zz6jGrXzgiN28wnNsQOyhp_OWUkFCzb5jTpWOgUncAjG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmSk31ufgC8QBML3LCnixftDDmPDbjLx-CFS9-r7ZrqPmc2JWLo0zz6jGrXzgiN28wnNsQOyhp_OWUkFCzb5jTpWOgUncAjG
Request Chain 140
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIuTnwFzaM0LpgyoqQJpWcI&google_cver=1&google_push=AXcoOmQhakkqngIFKPSfRnYcLsnI9hV1xnTZ9-jykFvwvRCSWNtncXioGrCg6NK7cc8N-ssVJMiK-x8ODJuPGxHV8k8imys4hoM9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhakkqngIFKPSfRnYcLsnI9hV1xnTZ9-jykFvwvRCSWNtncXioGrCg6NK7cc8N-ssVJMiK-x8ODJuPGxHV8k8imys4hoM9&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
Request Chain 141
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELx-hGIpEbhO64v7FJM_4fU&google_cver=1&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQtR00 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELx-hGIpEbhO64v7FJM_4fU&google_cver=1&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQtR00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQtR00
Request Chain 142
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM5kHsfw_MvozUTLc7CgjYI&google_cver=1&google_push=AXcoOmRgQ2ngJ1Inyu1SZJONdWarspAOvpiOKWWYhXogYX6n5f43CGUqAA3qtk9jRvMdcHATxxRU1ZFVd0Hbfuah-j64ISGfIFem HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM5kHsfw_MvozUTLc7CgjYI&google_cver=1&google_push=AXcoOmRgQ2ngJ1Inyu1SZJONdWarspAOvpiOKWWYhXogYX6n5f43CGUqAA3qtk9jRvMdcHATxxRU1ZFVd0Hbfuah-j64ISGfIFem&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b8NuPusMSeaKmrdk4r5ccQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRgQ2ngJ1Inyu1SZJONdWarspAOvpiOKWWYhXogYX6n5f43CGUqAA3qtk9jRvMdcHATxxRU1ZFVd0Hbfuah-j64ISGfIFem
Request Chain 143
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENd1Z5YEPDlTwOtdO4G4_iY&google_cver=1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gYy HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gYy&google_gid=CAESENd1Z5YEPDlTwOtdO4G4_iY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gYy
Request Chain 144
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGhEJ8vDgTmY3dp_kqHwKfw&google_cver=1&google_push=AXcoOmSzeO7tbEVkvuY3SxfcMASXBN3kEoiWvg6i7pzLqNF-QeQouGa4OpVclK_U0ncYE0ihonQATAEMU8FXXEY2YRyP4J7tScj-9w HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGhEJ8vDgTmY3dp_kqHwKfw%26google_cver%3D1%26google_push%3DAXcoOmSzeO7tbEVkvuY3SxfcMASXBN3kEoiWvg6i7pzLqNF-QeQouGa4OpVclK_U0ncYE0ihonQATAEMU8FXXEY2YRyP4J7tScj-9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODkyMjYzMjA4MjQ4NjE2MDk1OA%3D%3D&google_gid=CAESEGhEJ8vDgTmY3dp_kqHwKfw&google_cver=1&google_push=AXcoOmSzeO7tbEVkvuY3SxfcMASXBN3kEoiWvg6i7pzLqNF-QeQouGa4OpVclK_U0ncYE0ihonQATAEMU8FXXEY2YRyP4J7tScj-9w
Request Chain 171
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmRxce6aLBYWCrmphCoO_tTrZh-It7TvubTApYo3on-b7bPDfeCBtl0jE79SoilltANyICpNiqNbSksbetQSmB610usyxvMc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmRxce6aLBYWCrmphCoO_tTrZh-It7TvubTApYo3on-b7bPDfeCBtl0jE79SoilltANyICpNiqNbSksbetQSmB610usyxvMc
Request Chain 172
  • https://um.simpli.fi/gp_match?google_gid=CAESECgjh-13FD93bctcWHvRyyM&google_cver=1&google_push=AXcoOmSaev0Llh-u63jbjcIxjukE2rpLWxhG6FZ4K-dE0ij76BnUFOZgD2W-ACcJDKjhlPZ0IeJgfw5Z043ku-JkSnNvnxTC0yT_0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA90B719F30A43B2ADCE52BA483C8E27&google_push=AXcoOmSaev0Llh-u63jbjcIxjukE2rpLWxhG6FZ4K-dE0ij76BnUFOZgD2W-ACcJDKjhlPZ0IeJgfw5Z043ku-JkSnNvnxTC0yT_0A
Request Chain 173
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4Xb7-RGwlXrJ8b_TzqwaU&google_cver=1&google_push=AXcoOmRyUTxZA85RKblz1H5ZE72VadzfLPjwbrT_flNduO6atV5qQIfs3lfU0JNbnTlKb-KHyYg9ktXq5nF31vdgXj74rHvnH9BlXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzIyNzY0MDYxMTkyODIxOA%3D%3D&google_push=AXcoOmRyUTxZA85RKblz1H5ZE72VadzfLPjwbrT_flNduO6atV5qQIfs3lfU0JNbnTlKb-KHyYg9ktXq5nF31vdgXj74rHvnH9BlXw
Request Chain 174
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOcPpxG168taLaW822S9rX8&google_cver=1&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOcPpxG168taLaW822S9rX8&google_cver=1&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP&google_hm=4oVRxhg6SdG2q7XiuTXwkA==
Request Chain 175
  • https://rtb.openx.net/sync/dds?google_gid=CAESEG61qQReWSW2IMNdIzOn6qY&google_cver=1&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEG61qQReWSW2IMNdIzOn6qY&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g&google_hm=6vIsiTEuxW0GmSxg1FFsew==
Request Chain 176
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHSFjoYrsHvMnYIKYJQ7N34&google_cver=1&google_push=AXcoOmRrNj5ZzdwRAQ-6evs7cxR7h9pKmK_dN8dO2dFWq8XGFvQtF2d8Vglhi_TVhXnU_kq1G3ISqt_JT7JBdFGRrKE1EdkkE_3A_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRrNj5ZzdwRAQ-6evs7cxR7h9pKmK_dN8dO2dFWq8XGFvQtF2d8Vglhi_TVhXnU_kq1G3ISqt_JT7JBdFGRrKE1EdkkE_3A_w HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 177
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAqt6_DO_C_GV8gazTdQ7xY&google_cver=1&google_push=AXcoOmQe2wX7FJD0zp5a7ptmUdvt01RX8QRK6Zuk_H28fPElgbDrdnYXa8kmMqYV17TQ1Wt_OhPVuE_HS_wUWIpKiz-NL146ZXKGnA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Njk0YWQzZTMtZTFhOC00Y2U3LThhMzktYWVkZjEwNTQwOThm&google_push=AXcoOmQe2wX7FJD0zp5a7ptmUdvt01RX8QRK6Zuk_H28fPElgbDrdnYXa8kmMqYV17TQ1Wt_OhPVuE_HS_wUWIpKiz-NL146ZXKGnA8 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 182
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIuTnwFzaM0LpgyoqQJpWcI&google_cver=1&google_push=AXcoOmS0cv5zkKo94bozDPFrBI927LUO9MSAPQQnBFNAyZUrfMRjpCuSc9Ftzap4KoHPoJ_Kci9qJhH6wsjDKZn2tlTGm8slnH0u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS0cv5zkKo94bozDPFrBI927LUO9MSAPQQnBFNAyZUrfMRjpCuSc9Ftzap4KoHPoJ_Kci9qJhH6wsjDKZn2tlTGm8slnH0u&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
Request Chain 183
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEARNvhWNi6vWFvpBZFlxClw&google_cver=1&google_push=AXcoOmS61x1MMQTqvk8-AyHwj4rzYSQU_CvlhrF2yADMPG_kRe_8kgxJCgDRJokf1p2MEjymyUV9jU_GvDZ0S5RJEuqRTIxxaLKw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS61x1MMQTqvk8-AyHwj4rzYSQU_CvlhrF2yADMPG_kRe_8kgxJCgDRJokf1p2MEjymyUV9jU_GvDZ0S5RJEuqRTIxxaLKw&google_hm=hmTvsgE5vPDDhOUbLA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64EFB20139BCF0C384E51B2CBLIS
Request Chain 184
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMp0I4-miW_VhOs1WaH7C4o&google_cver=1&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT5QAqjeTYFo HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMp0I4-miW_VhOs1WaH7C4o&google_cver=1&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT5QAqjeTYFo&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT5QAqjeTYFo&google_hm=HPUdrGZHRzlMC3YvQeOt9Aq4
Request Chain 185
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHSFjoYrsHvMnYIKYJQ7N34&google_cver=1&google_push=AXcoOmSg70sts9wjO5T-WdQ_4YUXKxc2jBO-1Y260MkzWgLckq-rkrLch4eqtnLL6ZcIuf4n3ZRhGZIBBPtVzLq6ckuCqJs1HP0R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSg70sts9wjO5T-WdQ_4YUXKxc2jBO-1Y260MkzWgLckq-rkrLch4eqtnLL6ZcIuf4n3ZRhGZIBBPtVzLq6ckuCqJs1HP0R
Request Chain 186
  • https://match.360yield.com/match/ebda?google_gid=CAESEMRlIThRvLPcZu1275AoMl0&google_cver=1&google_push=AXcoOmRhaEu9HmRwsWamqCUCHGldjYPjogjO_xen5ZbRDy6DhJOLZiJrU8pzPK0arnVGGWGlrM8E9oUBZtEvnh1cLSQ50MkopI3K HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmRhaEu9HmRwsWamqCUCHGldjYPjogjO_xen5ZbRDy6DhJOLZiJrU8pzPK0arnVGGWGlrM8E9oUBZtEvnh1cLSQ50MkopI3K
Request Chain 187
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAJcMCV9BWPCERVBdUg39g8&google_cver=1&google_push=AXcoOmQ6_3yiXgyZ_Wwv1wfuEAic-4uJXHP4EeNjIzkWbQghf7VgTcGFdnIBMr6vCIzIAxB8vIpdxiHnRN3a7PCpA8_46tIpiphVhQ HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAJcMCV9BWPCERVBdUg39g8&google_cver=1&google_push=AXcoOmQ6_3yiXgyZ_Wwv1wfuEAic-4uJXHP4EeNjIzkWbQghf7VgTcGFdnIBMr6vCIzIAxB8vIpdxiHnRN3a7PCpA8_46tIpiphVhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e28551c6-183a-49d1-b6ab-b5e2b935f090&%%GOOGLE_PUSH_PAIR%%
Request Chain 191
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 210
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN-HxK-nhYEDFeyR_QcdDlYK7w;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 219
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1693430274_aef702f0-477a-11ee-b98b-2233369fc7ee&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 238
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=NUcUEXxvenRvRE1xd01FRHI5TlVWSURLQ2NWQ1IvUlZxVndmcVl3bUUxUVhMNThseXVSbnFSYStsZE1VeUtMbUNZZ0pKQnZjY21Ua0tJZUFhV3N0UFNNVWJLNTlya2xDTzBZL3loRjF0SEpTRWE5aElRZ1ZvbCtwcGVlNjN4UlcwWU5YNVBGYlk4cWlidVFOZmVhYmxLWW1sZC9MVVJ0WEkzclU5NU1wN0xad2tpU0E2V3JlMjVoTVFMQ2JVUTJSU2VKcVNGcVY0MCtkL21Td1A3eWVJMmJhWnMrS0tZRHQ5bm1oN2kxd043Wnd4NDlta2JDQ0JicE93ZzJzYmtyd2dDcUh6cnp2ejZ4elpvcG1Qc2l3UDFuV0haQT09fA&cppv=2
Request Chain 246
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 248
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6
Request Chain 249
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8922632082486160958&gdpr=0&gdpr_consent=
Request Chain 250
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273227640611928218&gdpr=0&gdpr_consent=
Request Chain 251
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MbtkqGTcW2dNwrNZRB8WaLAKa-0&gdpr=0&gdpr_consent=
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO_yAwAMosSvAQAb
Request Chain 253
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
Request Chain 254
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFczdVN0ozMlFBQUNWZmpxaTUzUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEs7U7J32QAACVfjqi53Q&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5824489679850151208&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEs7U7J32QAACVfjqi53Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5824489679850151208%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5824489679850151208&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEs7U7J32QAACVfjqi53Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEs7U7J32QAACVfjqi53Q&gdpr=0&gdpr_consent=
Request Chain 255
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 256
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926951602493
Request Chain 257
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
Request Chain 259
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4587697792382255801
Request Chain 262
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cih5oky3kh7
Request Chain 263
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=fa2a563ad4c3b4ca/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMgXgVUYgQWjYhWjg%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=c28efafee62e3c4f83505e281543f0a6&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D7AicPGkHMgXgVUYgQWjYhWjg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMgXgVUYgQWjYhWjg&gdpr=0&gdpr_consent=
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b8NuPusMSeaKmrdk4r5ccQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 266
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=&ct=y
Request Chain 267
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=592136719
Request Chain 268
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDgyMnNYbXRCYy1UbjYtM1ktNVBFbmViQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5695076676199403673&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZDMzZFM0UtRUIwQy00OUU2LThBOUEtQjc2NEUyQkU1Qzcx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO4FOPy7epHMWPGichQ5lBk&google_cver=1
Request Chain 273
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695076676199403673
Request Chain 275
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3B.ol.9E2uUcm8adN0.cVhYN_IF.Hg0-~A&gdpr=0
Request Chain 276
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_bb8590e6-5a03-49e1-9334-a963783a7bb5&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 277
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1e3ad045818b182f&is_secure=true&networkId=17100&version=1&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH7sG4QN45cANwbUvDAAAAAAA&expiration=1693516675&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 278
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919021736534392851&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 279
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f79f1f46-7cb1-440b-b765-73889023ef05&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 280
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64a79794-ccda-4083-84d7-13e1b48e04d1-64efb203-4348&gdpr=0&gdpr_consent=
Request Chain 288
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14301236-b30d-4572-89e2-566ced4d04ad&gdpr_consent=null&gdpr=0
Request Chain 292
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=c9fee066-4897-09bc-23e4-cb7a42167a5f&gdpr=0&gdpr_consent=
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8922632082486160958
Request Chain 304
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HPUdrGZHRzlMC3YvQeOt9Aq4
Request Chain 306
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693430275927 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1221746816 HTTP 302
  • https://sync.1rx.io/usersync/turn/6919021736534392851?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-977dc5cc-75bb-40fa-af7c-097cada75d38-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
Request Chain 307
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084926951602493
Request Chain 308
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=5c1a50a0-08d1-4832-8f4f-67c491f6b8b7
Request Chain 309
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 310
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
Request Chain 311
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-8b3fa40f-7a60-37a4-8e93-510870631545&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04YjNmYTQwZi03YTYwLTM3YTQtOGU5My01MTA4NzA2MzE1NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04YjNmYTQwZi03YTYwLTM3YTQtOGU5My01MTA4NzA2MzE1NDUyAhgMOAE=&gdpr=&gdpr_consent=
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
Request Chain 314
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 315
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=09b96458-8e5a-414a-b99b-c4233a8ad73e
Request Chain 318
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1693430275927 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8317792026 HTTP 302
  • https://sync.1rx.io/usersync/turn/6919021736534392851?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-977dc5cc-75bb-40fa-af7c-097cada75d38-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
Request Chain 319
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEs7U7J32QAACVfjqi53Q&partnerid=127&gdpr=0
Request Chain 320
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=903d3c8dd2313523eb6284def3fe8db6&gdpr=0&gdpr_consent=0
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_cver=1
Request Chain 325
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO.yAfpKZJCuTs6y.s6EZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASWx2HsN-Hp4H0qqzAJsUc&google_cver=1&google_hm=2
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
Request Chain 328
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=14301236-b30d-4572-89e2-566ced4d04ad&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 329
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2b6d5a57b95c42b69a39ca8f82b34810 HTTP 303
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&gpp_sid=&us_privacy=&gpdr=
Request Chain 330
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=19896248db56182f&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM2SC-PMirWAMcb71xAAAAAAA&expiration=1693516675&is_secure=true
Request Chain 332
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLY8NSMS-J-C6EW HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LLY8NSMS-J-C6EW
Request Chain 334
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8922632082486160958
Request Chain 335
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=d707e1c7-b780-4068-a04a-4fb217f1576b&ssp=gumgum2&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 336
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28qvlZi1tp9bGt5zJ_HuaHoaqufmUrs7LUp6adxPZLUiU3HJcljp5YEBYuDUag2q1t%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28qvlZi1tp9bGt5zJ_HuaHoaqufmUrs7LUp6adxPZLUiU3HJcljp5YEBYuDUag2q1t%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&obuid=ENC(qvlZi1tp9bGt5zJ_HuaHoaqufmUrs7LUp6adxPZLUiU3HJcljp5YEBYuDUag2q1t)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 337
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=2b4ad3ee-f140-0e86-030d-65abac55a0df
Request Chain 338
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-31bb64a8-64dc-5b67-4dc2-b359441f1668$ip$176.10.107.237
Request Chain 339
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-yvkmXhtE2pdSC2H_3aUdEUS.7tXoPLB8vn6A~A
Request Chain 340
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=7ef48c92-d570-43d6-b8b1-66effa0d224d
Request Chain 342
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=1z9pjnD7JadfE1GJpCmM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ML2HFYGU3SEG5FGCZDGIUYUOSTQINWU2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ML2HFYGU3SEG5FGCZDGIUYUOSTQINWU2JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=1z9pjnD7JadfE1GJpCmM&us_privacy=1---
Request Chain 343
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=1f9e37e5-8f83-4c0b-9eca-7bb613a30211
Request Chain 344
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=PduutcMOVcaq&ev=1&pid=558355
Request Chain 345
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5824489679850151208
Request Chain 347
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZO_yAwAMosSvAQAb&gdpr=0&gdpr_consent=
Request Chain 351
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZO.yBMCo8XcAALUOgEsAAAAA
Request Chain 353
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=60DwKxBWxnvwV0l2VsK3&pi=gumgum&tc=1
Request Chain 354
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 355
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1 HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8922632082486160958 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&ismms2s=1
Request Chain 356
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=WoExh590mEu6&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Request Chain 357
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=967161821137818086545&ismms2s=1
Request Chain 358
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1452e959a-a6c7-0984-1cee-6cb124062b7c
Request Chain 359
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Request Chain 361
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO.yAfpKZJCuTs6y.s6EZQAA%263369
Request Chain 362
  • https://b1sync.zemanta.com/usersync/minutemedia/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
Request Chain 364
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D%26ismms2s%3D1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D%26ismms2s%3D1&crf=1&rts=-9035178467432125687 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=da6c0f14-7860-52f3-ad01-19cbc9eeabcf&ismms2s=1
Request Chain 365
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D%26ismms2s%3D1 HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=903d3c8dd2313523eb6284def3fe8db6&ismms2s=1
Request Chain 366
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=5824489679850151208&gdpr=0&gdpr_consent=
Request Chain 368
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Request Chain 372
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLY8NSMS-J-C6EW HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LLY8NSMS-J-C6EW
Request Chain 373
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LLY8NSMS-J-C6EW HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLY8NSMS-J-C6EW
Request Chain 374
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Request Chain 375
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=2ec0b6adcdcb81b9a679bf739d3f3cd1&gdpr_consent=&gdpr=0
Request Chain 385
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1310393143
Request Chain 386
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA90B719F30A43B2ADCE52BA483C8E27&gdpr=0&gdpr_consent=
Request Chain 390
  • https://pixel.onaudience.com/?partner=214&mapped=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

388 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sxanhomm
pastelink.net/ 		30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
2a48c4589a1b61b799474df790426db4c68b80c571d7bad1229b532330e93516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:17:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 21:17:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 21:17:51 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/sxanhomm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/sxanhomm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/sxanhomm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-b8f8"
content-type
application/javascript
accept-ranges
bytes
content-length
47352
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4164366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoT1IxPpmk%2Bsmy2T15TqKvFgWYT4cC0buYWTBz%2FalMdQroo8XRkTOhoKPesynGeA0fq8dQCxuzqFNQCkyHFuZfPJnPYzddAeu%2FyikOTIfEVjAcgsmamuqMw0x0xY5Q9YvEsnIeOV0YA63x5C7eBQUeVk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ff0101bdf354c43-MXP
expires
Mon, 19 Aug 2024 21:17:51 GMT
css2
fonts.googleapis.com/ 		1 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DynaPuff:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae73a9cda4225e9fccf5fdc24fffa4037af8adab9499988923b850357a8f5d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 21:17:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 21:17:51 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
faf116d1fff4f1e55aac673cdffd30bbf69a0f78c5588439509866e2e453032c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
855
x-xss-protection
1; mode=block
expires
Wed, 30 Aug 2023 21:17:51 GMT
gtm.js
www.googletagmanager.com/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
465952a91061837a1a9d91e7b4902471bd0c88822d4b6dd784283fd753e0072d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86192
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 21:17:51 GMT
pastelink.js
cdn4.buysellads.net/pub/ 		541 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
17cc10670fa12e05b9bfcb0c8c40c5a3306af72ce3cd1ba8173d33dba18b1430

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
gzip
last-modified
Wed, 30 Aug 2023 21:04:53 GMT
server
AmazonS3
x-amz-request-id
E5NV3KN2VGHV2SSF
etag
"f1b096c6c03625ca6c1a29c54d5f4132"
x-amz-server-side-encryption
AES256
x-hw
1693430271.cds003.ml1.hn,1693430271.cds216.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
154833
x-amz-id-2
miUWa1skQ5V23v3+YMQSghBQ45pOqJs7A5oAzd8cDGNDNi7IQB0hFEj6zFoH530Y2FszTQPCBxw=
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		454 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6af4a047b0d008cf83f703ee6add654184eac57f06dc2a3f9607fe566fba45ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 18:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186652
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Aug 2024 18:38:49 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:53:10 GMT
x-content-type-options
nosniff
age
491081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 04:53:10 GMT
z7N5dRvsZDIVHbYPMhZJ3HQ83UaSu4uhr7-ZFeoYkgAr1x8RSxYu2Y_hSA.woff2
fonts.gstatic.com/s/dynapuff/v4/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dynapuff/v4/z7N5dRvsZDIVHbYPMhZJ3HQ83UaSu4uhr7-ZFeoYkgAr1x8RSxYu2Y_hSA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DynaPuff:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd0aa72d80dd1c4e27ba8a0b7318c8f55cbd7c7353f882fe251bf0bdfb0c61c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 08:33:05 GMT
x-content-type-options
nosniff
age
477886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21580
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:43:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 08:33:05 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 07:15:26 GMT
x-content-type-options
nosniff
age
396145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 07:15:26 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 00:08:32 GMT
x-content-type-options
nosniff
age
594559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Aug 2024 00:08:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5608
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 30 Aug 2023 21:44:23 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27f00d43c9c69c26af317feb614275349c0d9f0038a2a6982b96c4a5f5c107f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84504
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:17:51 GMT
tag
btloader.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd157894cbef391d71eb32ae16b29886c2b74cc1d3ab011670c913371762ced6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 21:13:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
111
etag
W/"8f07bbc15c643135b6860211fc82310f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byJujcrERBdLoE3jQlaWbImq2oV1D1jsAye5rMVQ6p9mPSE%2Fv1gNFgF4aVzGdo%2Bbhfnxg%2F4R4mOQyfrteUVhpMdsWLY4Bpr%2BZhFQFza%2BP3D0JOZYZFYFb5bq3vVKqRK2wGfdL3sUaMIeQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7ff0101e4e813755-MXP
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84365f96403717f07852dbae10c7ecf95efec2d4ad780a0dba238e11f7740136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29053
x-xss-protection
0
server
cafe
etag
232 / 19599 / 31077464 / config-hash: 3287751012361123362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 21:17:51 GMT
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=715663053&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fsxanhomm&ul=en-us&de=UTF-8&dt=Kompak4d%20Daftar%20Situs%20Penyedia%20Games%20Resmi%20Paling%20Lengkap%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=999136250&gjid=1687579627&cid=610378725.1693430272&tid=UA-55088947-2&_gid=1749860180.1693430272&_r=1&_slc=1&gtm=45He38s0n8155WHPWQ&z=337938682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je38s0&_p=715663053&cid=610378725.1693430272&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693430271&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fsxanhomm&dt=Kompak4d%20Daftar%20Situs%20Penyedia%20Games%20Resmi%20Paling%20Lengkap%20-%20Pastelink.net&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61a7bec12b2ae830506041664f85b6dc1ead1cb6b3c80c555a0f827398c80286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81343
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:17:51 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2601675
x-guploader-uploadid
ADPycdvWQubgqY71PoREwdMOLLGmL9howBht3f8FZW1bauHzrFbewjOVHdezRzy7Kcj0WAkW9HH02zeOARn71GPKSKdv4g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoRAnISyaOHJE61B68GSzrfRlUQ15La8kZGEQDVIA5evVg2Cp0utUy37UM91uqaonn4ujmAnAp4DkAcd7KlfmgnLsn6GXz84eAiA2XwFw%2BhU1mn%2FR91v0UBr8la7fLa2tABpPdgdzVoLJdWJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ff0101f0c3e83a2-MXP
expires
Mon, 31 Jul 2023 19:36:36 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 03:50:50 GMT
px.gif
ad-delivery.net/ 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3569690669845711
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2601675
x-guploader-uploadid
ADPycdvWQubgqY71PoREwdMOLLGmL9howBht3f8FZW1bauHzrFbewjOVHdezRzy7Kcj0WAkW9HH02zeOARn71GPKSKdv4g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHkh1jyFA%2F9mCsSKfEFIlaSaIEnNnTR1cKvLrL9%2BLQ1IbmArrd6VZmvifR19CrvIcoobsmh2KCUsRa8hpdgY38mQY0ROf%2BtuLmua6TnRECqkKl51LRN%2FlBpyYn4aNWpFeoqixKYOEATMEpWQ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ff0101f0c4183a2-MXP
expires
Mon, 31 Jul 2023 19:36:36 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je38s0&_p=715663053&ul=en-us&sr=1600x1200&cid=610378725.1693430272&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fsxanhomm&dt=Kompak4d%20Daftar%20Situs%20Penyedia%20Games%20Resmi%20Paling%20Lengkap%20-%20Pastelink.net&sid=1693430271&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c81f14e2bb3209ad75981c1843043f0a465d4c090f2313d0aa5398a7767ca9ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 11:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
34713
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129468
x-xss-protection
0
server
cafe
etag
3806458570195517322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 29 Aug 2024 11:39:18 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:52 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=n3NqYlF0wA&w=5093624318001152&o=5102648370397184&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fsxanhomm&sid=lzhozAzlZQ&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:52 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
CWYD627N.json
srv.buysellads.com/ads/ 		1 KB
711 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=507738&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
c053f64d614d4f15e36041bbbfdbbe18723041f7d4d483ae265471bf0efa9bdf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:52 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
574
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:52 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1675117
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbIfwZWon%2Few7fwopQSPuEg9W8PsypDM4GLwSx0QVaqSksiK%2FcdxP%2BBEMdN0j5g6Wf9v9MiqUdk4L8PuSEpDOXQcCKsdwP3wnCecrZAPlDBlhMB73UNJCs%2B9Pu%2BD9QlU73CmOnvx93FDkI0e"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7ff01020ba1f0e53-MXP
adreq
ads.servenobid.com/ 		1 KB
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6232
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5b12f203acacba7dcc4b4ab6797cae2a25269189b019f5ceb1850e32425ad3d8

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 21:17:52 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		423 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=496713f3-5e77-4aaf-bc21-9ffc7a6676f2&l_pb_bid_id=11379df1420ea1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.45793238389755153
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e26956c4beab5bd54dfa0654d6d09564c9884304c4b05bc17a1f2f601284eebe

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
423
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		429 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=292a62a4-d670-4cf0-9d9d-9926f1baebb5&l_pb_bid_id=129d1a48003cbac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.07287179984404246
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7fc02f04e8cee3ec0d61b321d17535c4ca99fbcc29cdde83c963ef82c7e90109

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
429
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		425 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=58f5c819-a7b3-42c1-aa1d-2cf67cb108de&l_pb_bid_id=1337a6e13a421a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.24989895168599263
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6768049734996e208dced2ceccecc38bcceae277bdbc46ac2087c4ddbbb055a0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
425
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		429 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fsxanhomm&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=56c38718-9956-4786-9755-ca2c80a68207&l_pb_bid_id=148c90aa4c58ac4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.12814748918852015
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0625bd04ac8eb341b3ad0c018e4ef4435ab7bb0438e2d21389b41a5378199f32

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
429
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
brightcombid.marphezis.com/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
prebid
mp.4dex.io/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a5c2d3700359e1ca5e583e457f7e228e73fd71a78dee89a7af88ae97c22e602

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 30 Aug 2023 21:17:52 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ff010210edb4bee-MXP
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fsxanhomm&PageUrl=https%3A%2F%2Fpastelink.net%2Fsxanhomm&PageReferrer=https%3A%2F%2Fpastelink.net%2Fsxanhomm
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5d77b8182b153e46ddaa6f583d17dc648707bdfe12d9ac02b739fdc06a1592e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
72
content-length
486
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
v1
prg.smartadserver.com/prebid/ 		958 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
1d0a2a479e152fa181f423c8ccd6d441c9fe5a5a5e63e513ec850b19d381a739

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
ba75fb198eac5ef867f86379f2eb81c52bb6e7ec4e83b1ff2a3e5c5301050d8b

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
475cbbcfb5935ba12449a3338e34c730c8bb445f3c3c43e5c480f62b23486f91

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		914 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fca14affa2e3cfc6e2b060c2324930b4fb010c1080585b1cb1242fbbd19c7383

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		806 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
43a8155f706dee702d7dbe2c965573e87013f10444d8cb0336d9d34680fdf1f2

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f60dea365b21b13c09928aa55e0902faf0cc9f527513d62f3f7d2d192478572a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
an-x-request-uuid
f9b13071-87cc-4b5a-a26e-c3afae4fa6d9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
471
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=48437694329&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 30 Aug 2023 21:17:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3af11ec6d7a483239243c924ce4edff802f3ffb7c4480f3c3e2c488fd0f21888

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 30 Aug 2023 21:17:52 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Wed, 30 Aug 2023 21:17:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:52 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
7ff010214e2dbaed-MXP
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:52 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1675110
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUPT%2F%2BisXdraG97D%2FbrnC5737BYTQVIxj3lJC9bjoiMv3Vmi8mv7nQpQv4jkItrutVwXGitv%2BtqvFhZttayRNaJlMBGkxtVpnQkYW2ZZuk%2FwLtm7fcf1s%2FVPDEw7YFKFPnzrj8Xt2c83QhTh"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7ff010212953bb23-MXP
usync.html
eus.rubiconproject.com/ Frame AF6D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 21:17:52 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 21:17:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame AF6D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 13:28:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58215
Connection
keep-alive
Content-Length
10124
Expires
Thu, 31 Aug 2023 13:28:07 GMT
setuid
u.4dex.io/ Frame AF6D
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LLY8NSMS-J-C6EW
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LLY8NSMS-J-C6EW
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LLY8NSMS-J-C6EW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LLY8NSMS-J-C6EW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame AF6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZOE5TTVMtSi1DNkVX
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED93_7i2yKgHB2gCs_ydnLk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZOE5TTVMtSi1DNkVX&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZOE5TTVMtSi1DNkVX&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZOE5TTVMtSi1DNkVX&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AF6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYIbAWfTgEesuci3wgZSdw&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYIbAWfTgEesuci3wgZSdw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDYIbAWfTgEesuci3wgZSdw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame AF6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY8NSMS-J-C6EW
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY8NSMS-J-C6EW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:51 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 547DC70FD49A4FF7A58E9477958CED3A Ref B: ZRHEDGE1122 Ref C: 2023-08-30T21:17:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEKnXcK/VwMhmsnHAqgQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLY8NSMS-J-C6EW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame AF6D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gX_GXqiPThmjjr4c2B_DYQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gX_GXqiPThmjjr4c2B_DYQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gX_GXqiPThmjjr4c2B_DYQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z9XJNTD3X1KHTD7E79SG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gX_GXqiPThmjjr4c2B_DYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AF6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xiKzSr-3ZdzmgI7zeTSNHQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ojXFItlE2oJ8AzgviDHBxhB_w8u8ne2ETtCLUA--~A
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ojXFItlE2oJ8AzgviDHBxhB_w8u8ne2ETtCLUA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 30 Aug 2023 21:17:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ojXFItlE2oJ8AzgviDHBxhB_w8u8ne2ETtCLUA--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AF6D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=f4lLgH2QR1K7R3QYq1_XNA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f4lLgH2QR1K7R3QYq1_XNA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f4lLgH2QR1K7R3QYq1_XNA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F88B2WR7FH9N72W1PCEP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f4lLgH2QR1K7R3QYq1_XNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame AF6D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame AF6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhMDZkODg4ODdiNTNmZWY3YTUxZjY2MWJiMzJmZmIzM2E0MmMwZQ
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhMDZkODg4ODdiNTNmZWY3YTUxZjY2MWJiMzJmZmIzM2E0MmMwZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhMDZkODg4ODdiNTNmZWY3YTUxZjY2MWJiMzJmZmIzM2E0MmMwZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads
securepubads.g.doubleclick.net/gampad/ 		297 KB
61 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=935239145419805&correlator=2580087786334078&eid=31077099%2C31077464%2C31076770&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693430272755&lmt=1693423072&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C347%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fsxanhomm&vis=1&psz=1600x-1%7C705x426%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=610378725.1693430272&ga_sid=1693430273&ga_hid=715663053&ga_fc=true&dlt=1693430271288&idt=738&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4cfd2fd5b9a2e49995a92ac8c2eaeeea414abff1a14495aa209b5cafa31c19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62687
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 81D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Thu, 29 Aug 2024 21:17:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl_page_level_ads.js?cb=31077464
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332fe127faccfee262d5942df6721ba63712c60c5fbf6e8895689df79211146b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 11:39:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
34699
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13564
x-xss-protection
0
server
cafe
etag
10122007999268732976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 29 Aug 2024 11:39:33 GMT
container.html
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3599 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Thu, 29 Aug 2024 21:17:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7FAB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Thu, 29 Aug 2024 21:17:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8891 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Thu, 29 Aug 2024 21:17:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADBC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Thu, 29 Aug 2024 21:17:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6CAF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Thu, 29 Aug 2024 21:17:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
ssc-cms.33across.com/ps/ Frame 839F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Wed, 30 Aug 2023 21:17:52 GMT
server
33XP014
x-33x-status
2020008
dr
as.ad4m.at/ad/ Frame F206 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k8c5syrwpc963gk1sdr2m063759pe6jw8qqng7nqxkkhn5gm4aqvrbj22aatcm8g3bygt47znr8yrktbhykamdzjh6tp4damcz5ak2hm1r81r0myskfxm407171e8h6zbkbbg2q4c0t9zvvjsfyjmzmqf48tbkrsk020mg8qzsr0ww6bszfm63c4v8esf8enf5pg8nk2wxv9vms0ws028skhrzq1p9zvzmrmwj3e2dewmf79b1k3dtazds95840jd5tn9tw196fm8wyps5zmevxyepxwzq56412rkbhzhk0631c36fhj9rpcs9eec1ddv0sr463q72v0zak0mp9xcdgahhxj1sn8she64ad11bkzjvwyzdfm6c97fn5yrrrgewtxy3f9cffks724qcftsw4h3q89ew7bh1fax21s6zmpe25ydremtyyptq7ddt8s36eqq3y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0032158dfb29e1afd725fb151ded5189a9e1996c249ecbc2d6eeefbd8ad7eace
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ff01028f844bb0b-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:53 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 3599 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 15:33:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF62 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
36234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Thu, 31 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 3599 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 3599 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtJPT8tcH_NGknSjYgpULx94WmEm9zliRfscUYMA5KBA71gXeEJnt6O89BN4gup-F0EAcEQAa3jKnkGwlTinBqzrpYmA
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3599 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
322753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3599 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 21:17:53 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3854 		175 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0a800d0c6f8225c84b3326388a6147d7a92076d0c5eb5789ab32f2fc00a31b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=El7tZ2NqQKaRZfrUPoii2oD-F-ABYd7gdo-XZsA4Am5J8Sra8n71EjK5shZ5wOsQrflksXTncwgtX4xo_nkcHBf0WhSNLS5klh5GBXDqWS88vawUz__OX7G6thb4CPrtEuIX_Cb2g3fi_6Dv9lxwKZId1fK_JbyyG57WCY8NyVzaMxv75SrkgHx1LR9MYBX8veSGvmlR1aw_ek5BRHNbQN-vyGe-GgcNBXCPnjjHGe6kdaBH_ziJ4Cyj8QRMBhYXQ1qy5A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
69863207
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 7FAB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 15:33:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC07 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
36234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Thu, 31 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 7FAB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 7FAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-68Az5m5z0QQVn-E305uVt4VB5q_P05DwfRBPFmqRNKiUa2_ur0bqxBotI18l74j9GOnrR-mszczDqbFPKZU7EXR_3w
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7FAB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
322753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FAB 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 21:17:53 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame 8891 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wyNzU3MDA&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fpastelink.net%2Fsxanhomm&ciu=XROhqscfgR&btid=QTk1QUIyRDkxMjlCMTc2RENGMEE1Mjg3MTA5MUFEQzR8R0Z0cEJKQThXRHwxNjkzNDMwMjcyOTUxfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDY4NDc0NDY5NF9FWHw1NDE5M3x8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=pastelink.net&cip=1&hmt=1&uidu=CAESEKo_8mhc3rp_dN-FN2nJqHY&spidu=GOOGLE&pidu=275700&hmpvu=84f32e63-581e-42a1-abec-f936428ee013&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2248:f000:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:06:03 GMT
x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
472311
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
-i99YlXdGZ9sWYHy6t8ceqaETOs24JaywlVYAHxYpwX2kNSOlDBb-w==
XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame 8891 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=QTk1QUIyRDkxMjlCMTc2RENGMEE1Mjg3MTA5MUFEQzR8R0Z0cEJKQThXRHwxNjkzNDMwMjcyOTUxfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDY4NDc0NDY5NF9FWHw1NDE5M3x8fHwuMFB8VVNE&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMTkjMC4zNzYwNDA2fElBQjYtNCMwLjM3NjA0MDZ8SUFCNiMwLjM3NjA0MDZ8SUFCMSMwLjE1ODY5MDM1&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fpastelink.net%2Fsxanhomm&ts=1693430272956&c=DE&r=BW&m=0&pc=71522&epid=R0wyNzU3MDA&mi=d2Vi&wp_exchange=NWP
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e600:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date
Wed, 30 Aug 2023 03:48:27 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
62968
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
65085
x-amz-meta-height
250
content-length
65085
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"38988cf71c0e9e66d0bb0693f05250c3"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
PQtrCwarXDgSujavBKzJRV--P1y1ZtoRn7v3l7SCipUOowYinofSYw==
pixel.php
t.hspvst.com/ Frame 8891 		95 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=3076761289686510
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 Mumbai, India, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:53 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Sat, 27 Aug 2033 21:17:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 8891 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 15:33:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 8891 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 8891 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRw7y5UcxhWXbV1Z3RC_bWT3GWS1lefIwDUuXzczSroyNkja3uXxaQZTUJftFAgYWSHLIPfjDM-QYhbNG9OhG6qhurQXg
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8891 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
322753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8891 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 21:17:53 GMT
css2
fonts.googleapis.com/ Frame ADBC 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 20:53:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 21:17:53 GMT
dr
as.ad4m.at/ad/ Frame 8FE5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h33fepgem43ras8hz4z8yjxdash8g51809f30cna4ptd0yv7739rhpxh0bc04xen820gx8qfayt3wcn8hpz22pcprsch1b80qmeavxq73z5kagnm16jcw91h27wesgb17ssdt7yv354jttaj020htw16k83kqqdcs9em1pvngxcdedp182b5ek2a7z256rq8ar62x7v621q7qazs44qbtq2zhn28cf1ad9jq8jsrbef24f1tqwjx76serzd20adrgxakxnmp88a8pbk8g6fgbqkmhgg3qb4g303yqp673qc00g2j1cckpr5te6ffrw33k7bbhd2srx6dm375d7exapq6b1jh8tyacnw7e0q9dt790msz8d80m6t6b56vyx216jqek8g9r91eety8wqhcc64hk42875w56bnzgzg62g039w8y0rr9g6wqpgbg98kgvj9dzr7pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d0175d20f6a14e938ca166e68fbb341c81a2a1038fd71cb9542223e50f2dc4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ff01028f847bb0b-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:53 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 421D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 15:33:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9DBF 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
36234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Thu, 31 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 421D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 421D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlZAsQSWWaqybIXVZunM7klfGZjAI9x4Xb45NJCg12_PNQMdncovhbhpTgMczJqfPl9n-w8Li_Om2po5KoRialBvqlaQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 421D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
322753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 421D 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 21:17:53 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame ADBC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
26505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:08 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 6CAF 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 14:00:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13552
x-xss-protection
0
server
cafe
etag
17023098769855550506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 14:00:07 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6CAF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
322753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CAF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 21:17:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 6CAF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 6CAF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
20657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 15:33:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 6CAF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
26506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:56:07 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FF62
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1&google_push=AXcoOmTQ-_hiUsiaDoqEsy6nV0pDPS1sQxkKbC1Nn2OTWMQJep2FIkfsC3m6lrz8TAyNPYEGsnyRqb3vo1Z7nuqBXU-LvX6McX0l
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkxOTAyMTczNjUzNDM5Mjg1MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame FF62
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELx9RsRO3-647VlreNwZML4&google_cver=1&google_push=AXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9RsRO3-647VlreNwZML4&google_cver=1&google_push=AXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD...
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9RsRO3-647VlreNwZML4&google_cver=1&google_push=AXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ff0102b180d4bea-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1847
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELx9RsRO3-647VlreNwZML4&google_cver=1&google_push=AXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzQQkLgnCPcsrmo6o3jWB6JOEe_Jwvfmox7mekqz0ocdYnI-sHZv1akqLnyze2N1USkOuo3D_dMJ6XUhmuKOLZLvPRLVD1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ff010298e2e4bea-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF62
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIuTnwFzaM0LpgyoqQJpWcI&google_cver=1&google_push=AXcoOmR9yt-znd3veubnXv5aGW-Aai_jsUw3dQ_pVU02IB2Fl9sabmEN1NQ0TZCYh27HKwtOeRaORae1x8Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9yt-znd3veubnXv5aGW-Aai_jsUw3dQ_pVU02IB2Fl9sabmEN1NQ0TZCYh27HKwtOeRaORae1x8QbrsCpVTEjDVUWKevw&google_hm=psLVJqHIRX2JmFqWC5lBGu0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9yt-znd3veubnXv5aGW-Aai_jsUw3dQ_pVU02IB2Fl9sabmEN1NQ0TZCYh27HKwtOeRaORae1x8QbrsCpVTEjDVUWKevw&google_hm=psLVJqHIRX2JmFqWC5lBGu0
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR9yt-znd3veubnXv5aGW-Aai_jsUw3dQ_pVU02IB2Fl9sabmEN1NQ0TZCYh27HKwtOeRaORae1x8QbrsCpVTEjDVUWKevw&google_hm=psLVJqHIRX2JmFqWC5lBGu0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame FF62 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEARNvhWNi6vWFvpBZFlxClw&google_cver=1&google_push=AXcoOmR6NP_KikfbfDg-10s_I3SBvbnH-nVzsN7V8CJjDQzXAeeD7ruNfpF6Vp-d3upW3DoQ0eeVm5lHHCE6Ar56btbfqLki_dA
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame FF62
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDeCoIyFAPO9errWhig6nUA&google_cver=1&google_push=AXcoOmTrpjWz4U9Haz5bEtPcwFO6Kv5fexKVFOB__2g8_cK9hXezrd4nfAb1d_oA3Jh3rY64cTqJ1hfplH1mSPL-...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Hhy4d4lPROambJIN_5agBQ2&google_push=AXcoOmTrpjWz4U9Haz5bEtPcwFO6Kv5fexKVFOB__2g8_cK9hXezrd4nfAb1d_oA3Jh3rY64cTqJ1hfplH1mSPL-M8u0UpNsIFg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Hhy4d4lPROambJIN_5agBQ2&google_push=AXcoOmTrpjWz4U9Haz5bEtPcwFO6Kv5fexKVFOB__2g8_cK9hXezrd4nfAb1d_oA3Jh3rY64cTqJ1hfplH1mSPL-M8u0UpNsIFg
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Hhy4d4lPROambJIN_5agBQ2&google_push=AXcoOmTrpjWz4U9Haz5bEtPcwFO6Kv5fexKVFOB__2g8_cK9hXezrd4nfAb1d_oA3Jh3rY64cTqJ1hfplH1mSPL-M8u0UpNsIFg
x-host
tde-deliveryengine-production-684d5dc7fc-c2949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame FF62
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_hm=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&google_nid=index&google_push=AXcoOmTIn1Z2Nd_rfPTL1uHEn-fpG3b_IHKAX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_hm=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&google_nid=index&google_push=AXcoOmTIn1Z2Nd_rfPTL1uHEn-fpG3b_IHKAXIanJRMJMkHqYd3d-lT1XsOMDhwCZqu9rd9J7IcwnLp1dAdkF9xPYaPrqzzgpWE
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W71O90S%2BpUOZijLsfY%2F9BRbBgwr6B%2FnVZdyAXB3dNp6pzU%2B5w5Miu0ydwJU6x%2BLD1u1i5%2BSwhSArx%2FfqEhB7MqwC4DWgeWm3IG4UvUzjji9IBGzZM8uyJ8v9wBvgZfLMI9G80RFLiqnlkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_hm=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&google_nid=index&google_push=AXcoOmTIn1Z2Nd_rfPTL1uHEn-fpG3b_IHKAXIanJRMJMkHqYd3d-lT1XsOMDhwCZqu9rd9J7IcwnLp1dAdkF9xPYaPrqzzgpWE
cache-control
no-cache
cf-ray
7ff0102a6a0801f8-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame FF62
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGMTf9j5lK71958aRaXG_Os&google_cver=1&google_push=AXcoOmQPAiRphfP9B8dw6fUfRTFC3nv06Wx7Uwne2LmmsjRytG8IoxME8vU1uJr-cHndEE7T49JVgX...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQPAiRphfP9B8dw6fUfRTFC3nv06Wx7Uwne2LmmsjRytG8IoxME8vU1uJr-cHndEE7T49JVgXG4O1XfAHF8XwT27Rja8PWd&google_hm=NTgyNDQ4OT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQPAiRphfP9B8dw6fUfRTFC3nv06Wx7Uwne2LmmsjRytG8IoxME8vU1uJr-cHndEE7T49JVgXG4O1XfAHF8XwT27Rja8PWd&google_hm=NTgyNDQ4OTY3OTg1MDE1MTIwOA%3D%3D
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQPAiRphfP9B8dw6fUfRTFC3nv06Wx7Uwne2LmmsjRytG8IoxME8vU1uJr-cHndEE7T49JVgXG4O1XfAHF8XwT27Rja8PWd&google_hm=NTgyNDQ4OTY3OTg1MDE1MTIwOA%3D%3D
date
Wed, 30 Aug 2023 21:17:53 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame FF62 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFXA6V5dJQImSyTpYeyvL-HWf2qOQrF7e1OrKXuqyCq43of5CJULVjl7N4s1zLBVQt5rOY
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EC07
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1&google_push=AXcoOmTn4zy5gV8GPMjfxVh5LmNxkTNQ6fb3KHPVQnr8l_7dOolVtBZir7GRmA8sko6pkXhdlKtW3udk9FKG9xmpMjkbgmUIKWVX_...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk5MTA3OTMzMDU3MjMyMDc4Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDkxB9PhfmsuJie2daStzP0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC07
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKRUj9u7yKZ_lu2TD9NEz3U&google_cver=1&google_push=AXcoOmR70woUXhQ6vsQwErso93U6W6kqgIY37n29zOoT1x7dHO8UYvVamyrWxsFXS4yhiPVujJPyncLGMvG9j9Sp...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR70woUXhQ6vsQwErso93U6W6kqgIY37n29zOoT1x7dHO8UYvVamyrWxsFXS4yhiPVujJPyncLGMvG9j9SpZHPXyFFtM_NbHKwY69SDltogn8fWRC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR70woUXhQ6vsQwErso93U6W6kqgIY37n29zOoT1x7dHO8UYvVamyrWxsFXS4yhiPVujJPyncLGMvG9j9SpZHPXyFFtM_NbHKwY69SDltogn8fWRCWgZGI8zIt-IEC8wXIOtrnYGiT7-Q
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 21:17:53 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x16 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR70woUXhQ6vsQwErso93U6W6kqgIY37n29zOoT1x7dHO8UYvVamyrWxsFXS4yhiPVujJPyncLGMvG9j9SpZHPXyFFtM_NbHKwY69SDltogn8fWRCWgZGI8zIt-IEC8wXIOtrnYGiT7-Q
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Aug 2023 21:17:52 GMT
google
match.adsrvr.org/track/cmf/ Frame EC07 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJA-tbgrJw4Q1GS9R74b-O0&google_cver=1&google_push=AXcoOmQtgAvD2qfESX7B5PkMU1uEei0OfsKzGH5GZv_scakujsy39qTZFnLQcL7SarwGlKaVw3onIdR4PRktnvakmyr3w8vdiDWja7oVUldoZ_DOxFYLm_s5TUhJ2XT56kjZJ6-9JsuDjAFXzQ
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EC07 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEARNvhWNi6vWFvpBZFlxClw&google_cver=1&google_push=AXcoOmRmEFwIwtbgpaZzZTCEmHGlX3btdAY7kEpb5zbyKXHnDxrxvhfBi-IzJde9NCy7XMQvvH8hJ6t4LmkFVerAhvutjZvNgo1wCsQMv-uXecDo-NQwxFsr19ZiXyMgDK8CXsd6bKHwzDYq4w
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame EC07
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEHrUbeQS7TiGmVrFXvxFqo&google_cver=1&google_push=AXcoOmSqXz1fB7T37z1Jhvy9Whgts816Gwp00eJeQmn9qQK56w6PquPemcNbBQb65slsf94gOCb9pMHn8gj3TnI5VavIq7E...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqXz1fB7T37z1Jhvy9Whgts816Gwp00eJeQmn9qQK56w6PquPemcNbBQb65slsf94gOCb9pMHn8gj3TnI5VavIq7ESTwOaQTDyIi2sEEgFDKJBQ6oCcfepN0IEwqIu0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqXz1fB7T37z1Jhvy9Whgts816Gwp00eJeQmn9qQK56w6PquPemcNbBQb65slsf94gOCb9pMHn8gj3TnI5VavIq7ESTwOaQTDyIi2sEEgFDKJBQ6oCcfepN0IEwqIu0Dj0uGIdhfqr&google_hm=eS1Pa0xLYlBGRTJwSFp2VXNVblFJT0NZLnFBd2h5RWtJRH5B
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqXz1fB7T37z1Jhvy9Whgts816Gwp00eJeQmn9qQK56w6PquPemcNbBQb65slsf94gOCb9pMHn8gj3TnI5VavIq7ESTwOaQTDyIi2sEEgFDKJBQ6oCcfepN0IEwqIu0Dj0uGIdhfqr&google_hm=eS1Pa0xLYlBGRTJwSFp2VXNVblFJT0NZLnFBd2h5RWtJRH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame EC07
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMRlIThRvLPcZu1275AoMl0&google_cver=1&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr9EkHVr...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMRlIThRvLPcZu1275AoMl0&google_cver=1&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr9EkHVrQJ60ofo06h7DayJeh-80kqFFOivc5BFjXgbWdErcrSmhEyFYSD
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmQsM_YDGkpaZWvk5DFUjOvTeiN6wF_A7NeyKI1U6vLzUsQSC49_CdI2zczQOd8R3jSTw-s-oVcJHitjD6Mr9EkHVrQJ60ofo06h7DayJeh-80kqFFOivc5BFjXgbWdErcrSmhEyFYSD
access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame EC07
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENd1Z5YEPDlTwOtdO4G4_iY&google_cver=1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJb...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJbP...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJbPQ7zscxMp8_aoFTezmyiO1t7eJ_Xikyw0kdAVbFAfrkchJfQ
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmSmX1KMuszCZqRc_s4phkfAUHtfH1YVjVvW2CDnvazYGOEgPkJ1FKZmXNQmm8X8UCjUg0hNzIsQ3gS7IaY0BU5sVb6CJbPQ7zscxMp8_aoFTezmyiO1t7eJ_Xikyw0kdAVbFAfrkchJfQ
date
Wed, 30 Aug 2023 21:17:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame EC07 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InLnici3VL9jWhQdG53LEEbVLL1NyIMfIt5gXq5aoCyXl2R_vw6LyLBR9VKBU4uKcclGcP
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame F206 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k8c5syrwpc963gk1sdr2m063759pe6jw8qqng7nqxkkhn5gm4aqvrbj22aatcm8g3bygt47znr8yrktbhykamdzjh6tp4damcz5ak2hm1r81r0myskfxm407171e8h6zbkbbg2q4c0t9zvvjsfyjmzmqf48tbkrsk020mg8qzsr0ww6bszfm63c4v8esf8enf5pg8nk2wxv9vms0ws028skhrzq1p9zvzmrmwj3e2dewmf79b1k3dtazds95840jd5tn9tw196fm8wyps5zmevxyepxwzq56412rkbhzhk0631c36fhj9rpcs9eec1ddv0sr463q72v0zak0mp9xcdgahhxj1sn8she64ad11bkzjvwyzdfm6c97fn5yrrrgewtxy3f9cffks724qcftsw4h3q89ew7bh1fax21s6zmpe25ydremtyyptq7ddt8s36eqq3y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k8c5syrwpc963gk1sdr2m063759pe6jw8qqng7nqxkkhn5gm4aqvrbj22aatcm8g3bygt47znr8yrktbhykamdzjh6tp4damcz5ak2hm1r81r0myskfxm407171e8h6zbkbbg2q4c0t9zvvjsfyjmzmqf48tbkrsk020mg8qzsr0ww6bszfm63c4v8esf8enf5pg8nk2wxv9vms0ws028skhrzq1p9zvzmrmwj3e2dewmf79b1k3dtazds95840jd5tn9tw196fm8wyps5zmevxyepxwzq56412rkbhzhk0631c36fhj9rpcs9eec1ddv0sr463q72v0zak0mp9xcdgahhxj1sn8she64ad11bkzjvwyzdfm6c97fn5yrrrgewtxy3f9cffks724qcftsw4h3q89ew7bh1fax21s6zmpe25ydremtyyptq7ddt8s36eqq3y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%26client%3Dca-pub-9602519502618262%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
641083
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nU5D5T0%2F3eIYZDTYL41tIPywtj6NMwZyrxeHYwNwvbRhqslgdJ98uFGMU7Iw%2FmOAKOq4e5SWuTYU1IrtjsfEhcrIVJwt1M9cs7C4giyQlQiKOJ%2F9U7Cu8ae4%2FSEKAUTK7RVdgyQLAAY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ff0102988e4bb0b-MXP
expires
Wed, 30 Aug 2023 22:17:53 GMT
r62eglto.js
ad4m.at/ Frame F206 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k8c5syrwpc963gk1sdr2m063759pe6jw8qqng7nqxkkhn5gm4aqvrbj22aatcm8g3bygt47znr8yrktbhykamdzjh6tp4damcz5ak2hm1r81r0myskfxm407171e8h6zbkbbg2q4c0t9zvvjsfyjmzmqf48tbkrsk020mg8qzsr0ww6bszfm63c4v8esf8enf5pg8nk2wxv9vms0ws028skhrzq1p9zvzmrmwj3e2dewmf79b1k3dtazds95840jd5tn9tw196fm8wyps5zmevxyepxwzq56412rkbhzhk0631c36fhj9rpcs9eec1ddv0sr463q72v0zak0mp9xcdgahhxj1sn8she64ad11bkzjvwyzdfm6c97fn5yrrrgewtxy3f9cffks724qcftsw4h3q89ew7bh1fax21s6zmpe25ydremtyyptq7ddt8s36eqq3y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
103643
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY2ToqT6hRaeofH6I8uCzbaeoQ%2FGX2sqAPabRPxrHuqO4ePV9IPR6awspWH6BiBcLN8zFIrkrtUlDF8b2%2FJp5%2BrvyD6qGtPYhwBdP58Vln8K9YjGkhmmnygd0t4KefDsTaLjYA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ff0102998efbb0b-MXP
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 8FE5 		114 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h33fepgem43ras8hz4z8yjxdash8g51809f30cna4ptd0yv7739rhpxh0bc04xen820gx8qfayt3wcn8hpz22pcprsch1b80qmeavxq73z5kagnm16jcw91h27wesgb17ssdt7yv354jttaj020htw16k83kqqdcs9em1pvngxcdedp182b5ek2a7z256rq8ar62x7v621q7qazs44qbtq2zhn28cf1ad9jq8jsrbef24f1tqwjx76serzd20adrgxakxnmp88a8pbk8g6fgbqkmhgg3qb4g303yqp673qc00g2j1cckpr5te6ffrw33k7bbhd2srx6dm375d7exapq6b1jh8tyacnw7e0q9dt790msz8d80m6t6b56vyx216jqek8g9r91eety8wqhcc64hk42875w56bnzgzg62g039w8y0rr9g6wqpgbg98kgvj9dzr7pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h33fepgem43ras8hz4z8yjxdash8g51809f30cna4ptd0yv7739rhpxh0bc04xen820gx8qfayt3wcn8hpz22pcprsch1b80qmeavxq73z5kagnm16jcw91h27wesgb17ssdt7yv354jttaj020htw16k83kqqdcs9em1pvngxcdedp182b5ek2a7z256rq8ar62x7v621q7qazs44qbtq2zhn28cf1ad9jq8jsrbef24f1tqwjx76serzd20adrgxakxnmp88a8pbk8g6fgbqkmhgg3qb4g303yqp673qc00g2j1cckpr5te6ffrw33k7bbhd2srx6dm375d7exapq6b1jh8tyacnw7e0q9dt790msz8d80m6t6b56vyx216jqek8g9r91eety8wqhcc64hk42875w56bnzgzg62g039w8y0rr9g6wqpgbg98kgvj9dzr7pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%26client%3Dca-pub-9602519502618262%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
641083
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNtMbFuJoi2mX2Xk9%2Bi2zgcfXb1Xp%2Fry6eTZkx%2FTSDR1dp6Lrsy%2FmZxlB8FE230SIfXL8IeRx2lznohPOzQrwcyI1E2oj1qzkkvg1jJXS0rLwIn8msNMtzhnUzQTRld7FWP%2Buy6JHmk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ff0102988e5bb0b-MXP
expires
Wed, 30 Aug 2023 22:17:53 GMT
r62eglto.js
ad4m.at/ Frame 8FE5 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h33fepgem43ras8hz4z8yjxdash8g51809f30cna4ptd0yv7739rhpxh0bc04xen820gx8qfayt3wcn8hpz22pcprsch1b80qmeavxq73z5kagnm16jcw91h27wesgb17ssdt7yv354jttaj020htw16k83kqqdcs9em1pvngxcdedp182b5ek2a7z256rq8ar62x7v621q7qazs44qbtq2zhn28cf1ad9jq8jsrbef24f1tqwjx76serzd20adrgxakxnmp88a8pbk8g6fgbqkmhgg3qb4g303yqp673qc00g2j1cckpr5te6ffrw33k7bbhd2srx6dm375d7exapq6b1jh8tyacnw7e0q9dt790msz8d80m6t6b56vyx216jqek8g9r91eety8wqhcc64hk42875w56bnzgzg62g039w8y0rr9g6wqpgbg98kgvj9dzr7pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
103643
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtaonKILGAeV1CEuFyshbBIJoXDSqSQsyaV5IkJN8WPZr6I5eMk3iiOyynGkFcNDleARn5wGuMFP0JGAl8CvlXJAQ8abMXAgdXhZJBVTcpdCkNuSvA2z6pJ3GwL29akWqFHI6E4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ff0102998f0bb0b-MXP
alt-svc
h3=":443"; ma=86400
expires
Tue, 29 Aug 2023 16:30:19 GMT
dpixel
cms.quantserve.com/ Frame 9DBF 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENwWnQpTp0zkbyVW4-Y3c8w&google_cver=1&google_push=AXcoOmS2lnSCspA1h3HJTemxxGWCCoENc9nzG-EkbTqdikA4l6bfM99Ps28Io0AchQ85KewHdOS0IJDaZX35szR8hIuqI42dWiY
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DBF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmSk31ufgC8QBML3LCnixftDDmPDbjLx-CFS9-r7Zrq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmSk31ufgC8QBML3LCnixftDDmPDbjLx-CFS9-r7ZrqPmc2JWLo0zz6jGrXzgiN28wnNsQOyhp_OWUkFCzb5jTpWOgUncAjG
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmSk31ufgC8QBML3LCnixftDDmPDbjLx-CFS9-r7ZrqPmc2JWLo0zz6jGrXzgiN28wnNsQOyhp_OWUkFCzb5jTpWOgUncAjG
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DBF
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIuTnwFzaM0LpgyoqQJpWcI&google_cver=1&google_push=AXcoOmQhakkqngIFKPSfRnYcLsnI9hV1xnTZ9-jykFvwvRCSWNtncXioGrCg6NK7cc8N-ssVJMiK-x8ODJu...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhakkqngIFKPSfRnYcLsnI9hV1xnTZ9-jykFvwvRCSWNtncXioGrCg6NK7cc8N-ssVJMiK-x8ODJuPGxHV8k8imys4hoM9&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhakkqngIFKPSfRnYcLsnI9hV1xnTZ9-jykFvwvRCSWNtncXioGrCg6NK7cc8N-ssVJMiK-x8ODJuPGxHV8k8imys4hoM9&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhakkqngIFKPSfRnYcLsnI9hV1xnTZ9-jykFvwvRCSWNtncXioGrCg6NK7cc8N-ssVJMiK-x8ODJuPGxHV8k8imys4hoM9&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DBF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELx-hGIpEbhO64v7FJM_4fU&google_cver=1&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQ...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELx-hGIpEbhO64v7FJM_4fU&google_cver=1&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQn...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQtR00
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQtR00
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQK4MiuoRa2IrGrohzwVLbBtf2gzsnDzlQT2nABYvrId4H_RI3v0eu4RBT2vfqSle_au293_-JNxiwIIy1k_3jQnkQtR00
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 9DBF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b8NuPusMSeaKmrdk4r5ccQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b8NuPusMSeaKmrdk4r5ccQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRgQ2ngJ1Inyu1SZJONdWarspAOvpiOKWWYhXogYX6n5f43CGUqAA3qtk9jRvMdcHATxxRU1ZFVd0Hbfuah-j64ISGfIFem
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b8NuPusMSeaKmrdk4r5ccQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRgQ2ngJ1Inyu1SZJONdWarspAOvpiOKWWYhXogYX6n5f43CGUqAA3qtk9jRvMdcHATxxRU1ZFVd0Hbfuah-j64ISGfIFem
date
Wed, 30 Aug 2023 21:17:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9DBF
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENd1Z5YEPDlTwOtdO4G4_iY&google_cver=1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gYy
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gY...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gYy
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTY3MTYxODIxMTM3ODE4MDg2NTQ1&google_push=AXcoOmTuuD0Ri5ArICp3CPX89WnouwH-OhGNDsWaE4_pyQsu_yqX6EkWa58LjYVUKIjl0a3nCFb8d8NjhD6TfN6bnE85iQD14gYy
date
Wed, 30 Aug 2023 21:17:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 9DBF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGhEJ8vDgTmY3dp_kqHwKfw&google_cver=1&google_push=AXcoOmSzeO7tbEVkv...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGhEJ8vDgTmY3dp_kqHwKfw%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODkyMjYzMjA4MjQ4NjE2MDk1OA%3D%3D&google_gid=CAESEGhEJ8vDgTmY3dp_kqHwKfw&google_cver=1&google_push=AXcoOmSzeO7tbEVkvuY3SxfcMASXBN3kEo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODkyMjYzMjA4MjQ4NjE2MDk1OA%3D%3D&google_gid=CAESEGhEJ8vDgTmY3dp_kqHwKfw&google_cver=1&google_push=AXcoOmSzeO7tbEVkvuY3SxfcMASXBN3kEoiWvg6i7pzLqNF-QeQouGa4OpVclK_U0ncYE0ihonQATAEMU8FXXEY2YRyP4J7tScj-9w
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
an-x-request-uuid
72e193ab-2df3-48d9-8a6f-e4d88bd27361
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODkyMjYzMjA4MjQ4NjE2MDk1OA%3D%3D&google_gid=CAESEGhEJ8vDgTmY3dp_kqHwKfw&google_cver=1&google_push=AXcoOmSzeO7tbEVkvuY3SxfcMASXBN3kEoiWvg6i7pzLqNF-QeQouGa4OpVclK_U0ncYE0ihonQATAEMU8FXXEY2YRyP4J7tScj-9w
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9DBF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtSsnZ5kQFmivg1QnqaxYmcuz7h0SoBr8obKxRYD_-40KGC7fVTYNT-qJo-5nkGC3F0wPnRQ
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 7FAB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c003778196f8454de16b92b7360e8b50d3d09c33db85c912ebd44cd812a33a2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A440 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
36234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Thu, 31 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8891 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
170ab86401feff6a2df3531940a64dfb77a020ce5057a7ef60f511b5de3e05ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame 6CAF 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_371214-26318_1102_02.jpg&ups=1&v=3&w=800&s=GtUlPTVOlkqBPaZy3gSY-PcW
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08b66b3d1901e7b8f93d782c608026836ff8f7fd6d6a1cadebfd83c55051b88f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
19946
expires
Tue, 05 Sep 2023 16:49:31 GMT
img
imageproxy.eu.criteo.net/img/ Frame 6CAF 		770 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?ar=1&h=200&llw=100&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F220914%2F190a067e6f3f4ec9940c088d11d74313_logosquare.jpg&v=3&w=200&s=cYC2K47KTUtOFiqH_Fwwr3dl
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
725c09cee8148a501fa4fdb355fa42fa68c156412f061bd752dc367978a82a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
770
expires
Fri, 02 Aug 2024 07:33:34 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3854 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3854 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3854 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 24 Aug 2024 21:17:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3854 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 24 Aug 2024 21:17:53 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 3854 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=NHQ3pzIIwONVSkRu8LT6cR0DR00-nDC8E__uafucI7cGHM1AEIfk0shpIZCeMFQUcSOqQA2frRB-qTZvmLN0-I9j0pjk7abVzf2ock6lCfqUt7XYYdr7zO72o-OeMtu_GVUSKbjExirUuwFIpd5LF1XclOmIvj-L2XCaKpRSSyP-4sJifQ4UMGLyr9nTv8jkB07DZGzmZefiKInVjw8o7eseeusBJxnNzOlk2BP4sdaUMnOAYjNeks6li970t6NylNhdUO5bmT_-g96AmTiQgfx-yXbUovijzhc6JUkbnWZOEtfafo2UDxeL46IfARwdA6rIdJwvHNnfNbBZJToZHVyOY8l7urrFsZs9KDxZkFa04l8T5OT9CuXof3y3s4Y2TEjvCX7RHUuRdg_mwFGJCwZVuWxhTar_KUlzCx-l6wvAKzfVlv9a5kXcW8XwepFTro0WxM7wW-epgwFWEGHPAQZZIE_37CG_ivR4FCYGB08lDZuq
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1562572
expires
Mon, 26 Jul 1997 05:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EA2B 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
3250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 20:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A8D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
36234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Thu, 31 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3854 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5365240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjBksuOB35q8xu8Cjw8GwA51c5ZXiRgOVPV5mPStckootPdGIV0VvV10y%2BA18PgA5VAdrvUXY%2B%2BDmQpLYZyZR8BG7%2BQ7wi7nHlms%2FFODKkL0BVSPEERmi1R1xqGhOAsHgvHF4bUeir68xvKSwGHkiNsq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ff0102b0bfd4c43-MXP
expires
Mon, 19 Aug 2024 21:17:53 GMT
animejs.js
static.criteo.net/animejs/ Frame 3854 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
truncated
/ Frame 3599 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4d1ca6bb03b1775aa76a17f0f9441409f448c1702e20552d288e6f7cabfef32

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 8891 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cub4hALLvZP-_Mo_O1gbS9IOIC7qItI9cnNfu7qkIwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQngAgCoAwHIAwKqBPwBT9CfnjzD_o7Nto0G77V3CDJCWVvbGUmjicB0u2V25C2yIzbvolbv-9TcWL6VjsUdgddpwB6ZlpyVi-yctYb7h4nbHA3IB3j-hkICwZR2BUxFtwLK_KkU-9mFIGkJqnSD6tcQAEhK1U5We2x9VK_e55cX-u7I3ZUQOP-4UVlBY11LMtjTh4UGYaSHK-D1mr3spsMhI4L2OSxrf1Lf-VxRbXb-Z8-zNRFR-dgbAgZ560u4SQeNupik7sgkDgtjpu6HUniAywqZtfwGNMMMbXhYyxYesTpnsnArCSg_ERgA80-rbBiGQWc84zdCO6Q-OGBYbZXqdYmUVVHxa8gf4AQBgAaq0LPj0JH3j7kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTk2MDI1MTk1MDI2MTgyNjIY-t58&sigh=x_FW7ekaewQ&uach_m=[UACH]&cid=CAQSOwBpAlJWqjOs9_SVndQ51XATYhSTmfzkIs-L6BXCLMawbRYLNxLGJ8zvFXXIcOPu-3Sq48db9jE64XtKGAE&cbvp=2&vis=1
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a.gif
i.w55c.net/ Frame 8891 		42 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=QTk1QUIyRDkxMjlCMTc2RENGMEE1Mjg3MTA5MUFEQzR8R0Z0cEJKQThXRHwxNjkzNDMwMjcyOTUxfDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfDY4NDc0NDY5NF9FWHw1NDE5M3x8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=ZO-yAAAMn_8K1acPAAD6UqpTQ0dUhkbZtIdmWw&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMTkjMC4zNzYwNDA2fElBQjYtNCMwLjM3NjA0MDZ8SUFCNiMwLjM3NjA0MDZ8SUFCMSMwLjE1ODY5MDM1&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=pastelink.net&s=https%3A%2F%2Fpastelink.net%2Fsxanhomm&ts=1693430272956&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=BW&m=0&pc=71522&rnd=3076761289686510&epid=R0wyNzU3MDA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1GMFZrS0dSMw&l=ZW58fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=1&euid=Q0FFU0VLb184bWhjM3JwX2ROLUZOMm5KcUhZ&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=kriI-G5UB-goG8UM2QZNLQ&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEKo_8mhc3rp_dN-FN2nJqHY&spidu=GOOGLE&pidu=275700&hmpvu=84f32e63-581e-42a1-abec-f936428ee013&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.148.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-148-198.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3854 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F210331%2F6d4c617ae012456da1cfa367ffefe967_logo.png&v=3&w=1156&s=go0w92MnEv4LZRQd6CdsdChl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5f9e5464e88224db3fd57ab68bb7799ef95f9fa19d6a193f5eab0f071a042f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
11121
expires
Thu, 01 Aug 2024 05:09:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3854 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_230032-35718_8114_110.jpg&v=3&w=800&s=7tnkONO2L4NLLVKsqmegEbhZ&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5a592c36c45d06463c0dd58ad22e3e524ed3e88d383f8899b1840328ce5604fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
13816
expires
Thu, 31 Aug 2023 09:08:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3854 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_122004-66635_11000_110.jpg&v=3&w=800&s=9PIJE4EU5XshLR2Ja6Ls5T9T&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7e3dadb57f3477801617b666075f0d0e11e8d6f431a411e1c2bdad35bdfb462a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
19594
expires
Mon, 04 Sep 2023 20:10:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3854 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_955009-31139_90528_110.jpg&v=3&w=800&s=MpU6QwuuB-I9tsSq3AokRMge&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
61c9d2a98c2a676f850fcf195e62ec7d2c1c0312a3a0a76473da5e66d0dc52a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
12172
expires
Thu, 31 Aug 2023 18:56:20 GMT
all
csm.eu.criteo.net/ Frame 3854 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=El7tZ2NqQKaRZfrUPoii2oD-F-ABYd7gdo-XZsA4Am5J8Sra8n71EjK5shZ5wOsQrflksXTncwgtX4xo_nkcHBf0WhSNLS5klh5GBXDqWS88vawUz__OX7G6thb4CPrtEuIX_Cb2g3fi_6Dv9lxwKZId1fK_JbyyG57WCY8NyVzaMxv75SrkgHx1LR9MYBX8veSGvmlR1aw_ek5BRHNbQN-vyGe-GgcNBXCPnjjHGe6kdaBH_ziJ4Cyj8QRMBhYXQ1qy5A&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3854 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3854 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F206 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
x-guploader-uploadid
ADPycdvYW5jQ5_kCXAplmMxE3p8pfCwsniZJelO2MsOjvyMLsYPKpiaWgPblPG13BiEm42E7gLAazydimOPVTnAplTeZBg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUSPvLtHto6%2BLwGSvnQYA54SB%2B%2BPbL2o6JB4R4KhEmrJgs1jLyGN8XVV4jRXpy%2FE6M4qb4%2BmxCCGVUSjL9lY4eVWTi8YhY3%2Fll2hqp0SXrmhMsTtMtBCwyZJRE%2FhW%2BIgEvhr58acLUqlZUGbLs3Qj73O"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ff0102bbf3059d1-MXP
expires
Wed, 30 Aug 2023 21:16:27 GMT
pixel
cm.g.doubleclick.net/ Frame A440
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmRxce6aLBYWCrmphCoO_tTrZh-It7TvubTApYo3on-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmRxce6aLBYWCrmphCoO_tTrZh-It7TvubTApYo3on-b7bPDfeCBtl0jE79SoilltANyICpNiqNbSksbetQSmB610usyxvMc
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akNCZER6WXQxUUJzenY1&google_gid=CAESEKo_8mhc3rp_dN-FN2nJqHY&google_cver=1&google_push=AXcoOmRxce6aLBYWCrmphCoO_tTrZh-It7TvubTApYo3on-b7bPDfeCBtl0jE79SoilltANyICpNiqNbSksbetQSmB610usyxvMc
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A440
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECgjh-13FD93bctcWHvRyyM&google_cver=1&google_push=AXcoOmSaev0Llh-u63jbjcIxjukE2rpLWxhG6FZ4K-dE0ij76BnUFOZgD2W-ACcJDKjhlPZ0IeJgfw5Z043ku-JkSnNvnxTC0yT_0A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA90B719F30A43B2ADCE52BA483C8E27&google_push=AXcoOmSaev0Llh-u63jbjcIxjukE2rpLWxhG6FZ4K-dE0ij76BnUFOZgD2W-ACcJDKjhlPZ0IeJgfw5Z043ku-J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA90B719F30A43B2ADCE52BA483C8E27&google_push=AXcoOmSaev0Llh-u63jbjcIxjukE2rpLWxhG6FZ4K-dE0ij76BnUFOZgD2W-ACcJDKjhlPZ0IeJgfw5Z043ku-JkSnNvnxTC0yT_0A
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AA90B719F30A43B2ADCE52BA483C8E27&google_push=AXcoOmSaev0Llh-u63jbjcIxjukE2rpLWxhG6FZ4K-dE0ij76BnUFOZgD2W-ACcJDKjhlPZ0IeJgfw5Z043ku-JkSnNvnxTC0yT_0A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Aug 2023 21:17:53 GMT
pixel
cm.g.doubleclick.net/ Frame A440
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN4Xb7-RGwlXrJ8b_TzqwaU&google_cver=1&google_push=AXcoOmRyUTxZA85RKblz1H5ZE72VadzfLPjwbrT_flNduO6atV5qQIfs3lfU0JNbnTlKb-KHyYg9ktXq5nF31v...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzIyNzY0MDYxMTkyODIxOA%3D%3D&google_push=AXcoOmRyUTxZA85RKblz1H5ZE72VadzfLPjwbrT_flNduO6atV5qQIfs3lfU0JNbnTlKb-KHyYg9ktXq5nF31vdgXj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzIyNzY0MDYxMTkyODIxOA%3D%3D&google_push=AXcoOmRyUTxZA85RKblz1H5ZE72VadzfLPjwbrT_flNduO6atV5qQIfs3lfU0JNbnTlKb-KHyYg9ktXq5nF31vdgXj74rHvnH9BlXw
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzIyNzY0MDYxMTkyODIxOA%3D%3D&google_push=AXcoOmRyUTxZA85RKblz1H5ZE72VadzfLPjwbrT_flNduO6atV5qQIfs3lfU0JNbnTlKb-KHyYg9ktXq5nF31vdgXj74rHvnH9BlXw
Date
Wed, 30 Aug 2023 21:17:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A440
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOcPpxG168taLaW822S9rX8&google_cver=1&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kG...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOcPpxG168taLaW822S9rX8&google_cver=1&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP&google_hm=4oVRxhg6SdG2q7XiuTXwkA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP&google_hm=4oVRxhg6SdG2q7XiuTXwkA==
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP&google_hm=4oVRxhg6SdG2q7XiuTXwkA==
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame A440
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEG61qQReWSW2IMNdIzOn6qY&google_cver=1&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEG61qQReWSW2IMNdIzOn6qY&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g&google_hm=6vIsiTEuxW0GmSxg1FFsew==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g&google_hm=6vIsiTEuxW0GmSxg1FFsew==
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTr1hxwwI4KfZD285OAoDLnXXk6xHLlvXNyVJ87GhEUunniJRBEohxgvkFJw-Og0X4aA1ZpAF7p2n_nphvvqWIArvFToNHU9g&google_hm=6vIsiTEuxW0GmSxg1FFsew==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
/
onetag-sys.com/match/ Frame A440
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHSFjoYrsHvMnYIKYJQ7N34&google_cver=1&google_push=AXcoOmRrNj5ZzdwRAQ-6evs7cxR7h9pKmK_dN8dO2dFWq8XGFvQtF2d8Vglhi_TVhXnU_kq1G3ISqt_JT7J...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRrNj5ZzdwRAQ-6evs7cxR7h9pKmK_dN8dO2dFWq8XGFvQtF2d8Vglhi_TVhXnU_kq1G3ISqt_JT7JBdFGRrKE1EdkkE_3A_w
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame A440
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAqt6_DO_C_G...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Njk0YWQzZTMtZTFhOC00Y2U3LThhMzktYWVkZjEwNTQwOThm&google_push=AXcoOmQe2wX7FJD0zp5a7ptmUdvt01RX8QRK6Zuk_H28fPElgbDrdnYXa8kmMqYV17TQ1...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Server
184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 21:17:54 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A440 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDsw_Mal-z1itAJ5I1RvM8bKbGmCi2k4-gMbiijidsUwz-Esg-K8koP2gIF8bLEAxQlxFX4pM
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame 52A8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1730351
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ff0102b8babbad6-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:53 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2x8Od8I5VeLmQzXtkW%2F3XeiSFfQ5Jd%2B7D1UNOrcr4%2FTAzdsO1wdmq2CJk%2Bucm7ggvwdUg0jTvDFdPDFJmnkHWZKWFQN6VXbyNHepeEVLSk2S3DrNmIm46QLyc%2FWpIbQyE6fFATI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 0727 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1730351
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ff0102b8bafbad6-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:53 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iu3i6NFvQT3wQnr1Zogx7xGp%2BJ76CAJRqTYbcqSwWfh0UTkpTbL3NJrbl5knOVTzNfe%2BtUQJkl6%2FWV%2Fww0DKaGy%2Bawy1NQjJ4enHAnkmgIEOItQAK41%2F6Qj1SRfE%2BlxBoZGO0aE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
google
match.adsrvr.org/track/cmf/ Frame 1A8D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJA-tbgrJw4Q1GS9R74b-O0&google_cver=1&google_push=AXcoOmQsD_7Yad2OtDvv9s9-ghvt2ECTUlB0oOX0MiJcrwyr0jTWmmw_JwaVAXhUr6G6EULdmQuF1Zu486_VhqMb9qV-6bYcxEC9
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1A8D
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIuTnwFzaM0LpgyoqQJpWcI&google_cver=1&google_push=AXcoOmS0cv5zkKo94bozDPFrBI927LUO9MSAPQQnBFNAyZUrfMRjpCuSc9Ftzap4KoHPoJ_Kci9qJhH6wsj...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS0cv5zkKo94bozDPFrBI927LUO9MSAPQQnBFNAyZUrfMRjpCuSc9Ftzap4KoHPoJ_Kci9qJhH6wsjDKZn2tlTGm8slnH0u&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS0cv5zkKo94bozDPFrBI927LUO9MSAPQQnBFNAyZUrfMRjpCuSc9Ftzap4KoHPoJ_Kci9qJhH6wsjDKZn2tlTGm8slnH0u&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS0cv5zkKo94bozDPFrBI927LUO9MSAPQQnBFNAyZUrfMRjpCuSc9Ftzap4KoHPoJ_Kci9qJhH6wsjDKZn2tlTGm8slnH0u&google_hm=AWb-MKQcQl2QBx65Yw6R1e0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A8D
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEARNvhWNi6vWFvpBZFlxClw&google_cver=1&google_push=AXcoOmS61x1MMQTqvk8-AyHwj4rzYSQU_CvlhrF2yADMPG_kRe_8kgxJCgDRJokf1p2MEjymyUV9jU_GvDZ0S5...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS61x1MMQTqvk8-AyHwj4rzYSQU_CvlhrF2yADMPG_kRe_8kgxJCgDRJokf1p2MEjymyUV9jU_GvDZ0S5RJEuqRTIxxaLKw&google_hm=hmTvsgE5vPDDhOUbL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS61x1MMQTqvk8-AyHwj4rzYSQU_CvlhrF2yADMPG_kRe_8kgxJCgDRJokf1p2MEjymyUV9jU_GvDZ0S5RJEuqRTIxxaLKw&google_hm=hmTvsgE5vPDDhOUbLA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64EFB20139BCF0C384E51B2CBLIS
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS61x1MMQTqvk8-AyHwj4rzYSQU_CvlhrF2yADMPG_kRe_8kgxJCgDRJokf1p2MEjymyUV9jU_GvDZ0S5RJEuqRTIxxaLKw&google_hm=hmTvsgE5vPDDhOUbLA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64EFB20139BCF0C384E51B2CBLIS
date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1A8D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMp0I4-miW_VhOs1WaH7C4o&google_cver=1&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMp0I4-miW_VhOs1WaH7C4o&google_cver=1&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT5QAqjeTYFo&google_hm=HPUdrGZHRzlMC3YvQeOt9Aq4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT5QAqjeTYFo&google_hm=HPUdrGZHRzlMC3YvQeOt9Aq4
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 21:17:53 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSmjAGBB5E3cJ_iM3OWiR14bjQx7bsxtUR2pbBeaeYNhKi4jDyBknEoCX1zCgG2FrK3QQMs0NgIuTgnMq5vT5QAqjeTYFo&google_hm=HPUdrGZHRzlMC3YvQeOt9Aq4
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1A8D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHSFjoYrsHvMnYIKYJQ7N34&google_cver=1&google_push=AXcoOmSg70sts9wjO5T-WdQ_4YUXKxc2jBO-1Y260MkzWgLckq-rkrLch4eqtnLL6ZcIuf4n3ZRhGZIBBPtV...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSg70sts9wjO5T-WdQ_4YUXKxc2jBO-1Y260MkzWgLckq-rkrLch4eqtnLL6ZcIuf4n3ZRhGZIBBPtVzLq6ckuCqJs1HP0R
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSg70sts9wjO5T-WdQ_4YUXKxc2jBO-1Y260MkzWgLckq-rkrLch4eqtnLL6ZcIuf4n3ZRhGZIBBPtVzLq6ckuCqJs1HP0R
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSg70sts9wjO5T-WdQ_4YUXKxc2jBO-1Y260MkzWgLckq-rkrLch4eqtnLL6ZcIuf4n3ZRhGZIBBPtVzLq6ckuCqJs1HP0R
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 1A8D
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMRlIThRvLPcZu1275AoMl0&google_cver=1&google_push=AXcoOmRhaEu9HmRwsWamqCUCHGldjYPjogjO_xen5ZbRDy6DhJOLZiJrU8pzPK0arnVGGWGlrM8E9oUBZtEvnh1cLSQ50M...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmRhaEu9HmRwsWamqCUCHGldjYPjogjO_xen5ZbRDy6DhJOLZiJrU8pzPK0arnVGGWGlrM8E9oUBZtEvnh1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmRhaEu9HmRwsWamqCUCHGldjYPjogjO_xen5ZbRDy6DhJOLZiJrU8pzPK0arnVGGWGlrM8E9oUBZtEvnh1cLSQ50MkopI3K
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=H5435Y-DTAueynu2E6MCEQ&google_push=AXcoOmRhaEu9HmRwsWamqCUCHGldjYPjogjO_xen5ZbRDy6DhJOLZiJrU8pzPK0arnVGGWGlrM8E9oUBZtEvnh1cLSQ50MkopI3K
access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1A8D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAJcMCV9B...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e28551c6-183a-49d1-b6ab-b5e2b935f090&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e28551c6-183a-49d1-b6ab-b5e2b935f090&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e28551c6-183a-49d1-b6ab-b5e2b935f090&%%GOOGLE_PUSH_PAIR%%
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1A8D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2WgWxXFk5Npd9BVOuVFXOPPqlLJAHHkk12e2m5pMiisLEaOzXoWp9zdD_Hx29Y4OMkq5YLg
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
prompt-400.css
static.criteo.net/design/googlefont/prompt/ Frame 3854 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
prompt-700.css
static.criteo.net/design/googlefont/prompt/ Frame 3854 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0ea-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EA2B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:53 GMT
expires
Wed, 30 Aug 2023 21:17:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3599 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZS6AALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSFAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2EulkFwGrXA9u6qvt9cvixOD07UrhXjgYOMcpUNhOdKS6_2AEqZWt-AEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTk2MDI1MTk1MDI2MTgyNjIY-t58&sigh=tB2H-EttOs0&uach_m=[UACH]&cid=CAQSOwBpAlJWqjOs9_SVndQ51XATYhSTmfzkIs-L6BXCLMawbRYLNxLGJ8zvFXXIcOPu-3Sq48db9jE64XtKGAE&cbvp=2&vis=1
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3599 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gzc5bxza9rp2qq7mk5vxxhtzs6hjm5whas8hx60vva85gbw8v0xqgwbms4d5g65g7tkjw3ac8d2z8f8escavqxemyqtemjvhhyfs2hvx4s8bz581fspt3ej8077kgbd7hgnnpz2hc81eqbv68yzrnd8ypk15qkrcx9d74fv1b1t4c31gtmx8dme21mq7nvejvknf2z1x8bv8zna79gsjygv8y6kcapkavdpvb5ehzswxfm387k8a9d2cs4qewg9za7dbqzpwc7cra3j7864pxt6dmc9cs7k20mhqjqrxvk23rryyd0wmvwnvyrgx6bctpmq550qsddsbga0x2xrtshyny1f3t10a7s2w0va9hk90pdy4f50m17k3dzyaczrg4ftj2tgcnm5mz0&b=ZO-yAAAMn_0K1acPAAD6Un4OUhy9c_rsZE_eXQ&cbvp=2
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
prompt-400-latin.woff2
static.criteo.net/design/googlefont/prompt/ Frame 3854 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-44e8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:54 GMT
f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame 3854 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 01 Mar 2021 13:06:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"603ce6bb-6d70"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:17:54 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ff0102c3b85ba99-MXP
content-length
24
content-type
text/plain
date
Wed, 30 Aug 2023 21:17:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thM92tAoQZDnIpqcy5Q1L%2BPRvAqtm12%2BRYOU29OW%2FP%2B%2BrpVywLiNmdZ9fka9J%2FO0dFZFivs4kUAeTf5nbfwb6kTLCa9tHV25HafFI%2B9zeWqAipDQsqV9AZx2Plo%2FtLKWQ2%2FFlfU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-rgsx
rs
ad4m.at/ Frame F206 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98280ebf8b23278082c84b49f486cfa4692b7bb53be0adfb2cf659c75d1b2e5

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr8JY3WNyQvNesO8AB%2BRTGqObS4BFaaZ56bjXZKh6yvw4SpVxDvA%2B60Ae7LqbYC6TUrpHgBosLVv8oiWWPrrFy8R%2BY5E2TtdlS9vEHeb52babkKAjXq8mkMqJZ5fpstFmTKRNf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ff0102c8bf4ba99-MXP
x-backend-server
aa-reachservice-group-europe-west1-rgsx
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ff0102c3b87ba99-MXP
content-length
24
content-type
text/plain
date
Wed, 30 Aug 2023 21:17:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UezGo22EaEf1XGN%2FzJZnOtgPEpPrFGe1bJfNLZ%2FQ9uYQ%2FOkewQ%2B6ho6Fp%2Fb4MXVreX9mLjNuihhjM1wI8fG8aQ5qC8%2BOCoFW%2BmLuENYG9pUsd8US4ADSNXiOtikVsX%2FZ22XJcvI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-5ggx
rs
ad4m.at/ Frame 8FE5 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7fe6ea59e27d119e6a7e9821064dfc4439f1419e7b6b312805c24d4c27c278

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t5MeVO%2Fo8UCY40nMbo3ewhZSJpQcmuzuTCif0OCyNGAxmCo%2FyDihG2YQKOHXJkyiCoK%2BdnoA3D1BzPM0DWzJd9pqGy8aAHqsgQlY1XBGAaLkkxMNQLsEMKSgTY2CjW%2BvdCSV7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ff0102c8bf7ba99-MXP
x-backend-server
aa-reachservice-group-europe-west1-rgsx
alt-svc
h3=":443"; ma=86400
rar
as.ad4m.at/ad/ Frame A114 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453ae3da6cd25f6e378df35d71e0e1f16fb35ff721e3777878e70261e70cd3ae
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h33fepgem43ras8hz4z8yjxdash8g51809f30cna4ptd0yv7739rhpxh0bc04xen820gx8qfayt3wcn8hpz22pcprsch1b80qmeavxq73z5kagnm16jcw91h27wesgb17ssdt7yv354jttaj020htw16k83kqqdcs9em1pvngxcdedp182b5ek2a7z256rq8ar62x7v621q7qazs44qbtq2zhn28cf1ad9jq8jsrbef24f1tqwjx76serzd20adrgxakxnmp88a8pbk8g6fgbqkmhgg3qb4g303yqp673qc00g2j1cckpr5te6ffrw33k7bbhd2srx6dm375d7exapq6b1jh8tyacnw7e0q9dt790msz8d80m6t6b56vyx216jqek8g9r91eety8wqhcc64hk42875w56bnzgzg62g039w8y0rr9g6wqpgbg98kgvj9dzr7pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%26client%3Dca-pub-9602519502618262%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ff0102cedd3bad6-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:54 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame DD99 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a8dff99b41c22a085869c33c176425890bc2403a678697c9edb2d80abc9b5f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k8c5syrwpc963gk1sdr2m063759pe6jw8qqng7nqxkkhn5gm4aqvrbj22aatcm8g3bygt47znr8yrktbhykamdzjh6tp4damcz5ak2hm1r81r0myskfxm407171e8h6zbkbbg2q4c0t9zvvjsfyjmzmqf48tbkrsk020mg8qzsr0ww6bszfm63c4v8esf8enf5pg8nk2wxv9vms0ws028skhrzq1p9zvzmrmwj3e2dewmf79b1k3dtazds95840jd5tn9tw196fm8wyps5zmevxyepxwzq56412rkbhzhk0631c36fhj9rpcs9eec1ddv0sr463q72v0zak0mp9xcdgahhxj1sn8she64ad11bkzjvwyzdfm6c97fn5yrrrgewtxy3f9cffks724qcftsw4h3q89ew7bh1fax21s6zmpe25ydremtyyptq7ddt8s36eqq3y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%26client%3Dca-pub-9602519502618262%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ff0102cede1bad6-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:54 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame 7FAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwcoWALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIMCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvwaGA9ffwZQ5WhMvqxIsjeqsMHp4HCnMP2Ve6efEosQPa76rdDOieAEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTk2MDI1MTk1MDI2MTgyNjIY-t58&sigh=6l9jLAkE3eM&uach_m=[UACH]&cid=CAQSOwBpAlJWqjOs9_SVndQ51XATYhSTmfzkIs-L6BXCLMawbRYLNxLGJ8zvFXXIcOPu-3Sq48db9jE64XtKGAE&cbvp=2&vis=1
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7FAB 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kMLwCoS9E8QEkAOdg2ICAgAAADJCIdTnX8kaEACy72TUqeu1SZ4raUJfAAASAAAKCkFRVUJEd0VCRHc&wp=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&cbvp=2
Requested by
Host: 9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:53 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
159457
server
Kestrel
content-length
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame A114 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
641084
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJ9pGXnhOeJAN7jnEaln9b29OY0wqVF%2BMCGYhQeJy2Z4N078pBXUNR%2B7I1mfbyGgz3QsrHe3HmWON2vCca2zR2%2BJ2wYxTsVh3a%2FY8CmTA7SQzD9JKQCtn%2BCviOxNGNuArtx97piyExU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ff0102d4e8abad6-MXP
expires
Wed, 30 Aug 2023 22:17:54 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame A114 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2562558
cf-polished
origSize=9357, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
4429
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Avml2MhhxtzgzmquxTz529kxmQ%2BGurhsjRvva45OO6yX7l7HVAIi4l%2BKVPoZRLp3upMnYRjtZ7MQf0dJtIWNa%2Fw53xBAMHuQ4eqtDIfRihZNp6ueD9jv8OwxlKV29NNd8LtgHeMMfZ%2BJ38OR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd5bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame A114 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1162636
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtE5Rx%2BSqxN9NdcD8NqrySy3OocBqYJ22cFbfK193VT9455ELlU9ZGXkcVrebO5wCno%2BDNxwMqqgbx3BUYIKAIC4k5u7t%2BYhDejh3V11gumaPfKr5AAemBJQBN3mcnKMF7T5b0Ve%2BlQjh0Xd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dccbb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
cshow.php
www.awin1.com/ Frame A114 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-213-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A114 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1437047
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmg0Z%2B175PzyCOc2%2BgVvzTse5EY1ru8H77a%2BDGPrW2kI3G5yXK3gAkRtWglPgiYiTICJpeM4dKBKdW27Y58D5%2Bjad2qqHOB%2BhhcFYdIJEjzMfton0IApGegrBPTW3GidZzxq0m1xKdlsoIdL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd0bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame A114 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
514558
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVh1cqBdsC5aRLO4kFDVAj2sSNSgnZf2%2B02Mmf9MLLvwk3pOoR2TJdr170ITMk7CZRDXy9x3UoPfAk47GvS2wS2ayZAHGGmEQvGi%2FTgw4N9OCFxKKDbtsHepgTVAys4B8%2FOizhkPmeYDCDs%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dcebb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
/
partner.o2online.de/a/ Frame A114
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN-HxK-nhYEDFeyR_QcdDlYK7w;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202308...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:54 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Wed, 30 Aug 2023 21:17:54 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame A114 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1892311
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400
content-length
9782
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IV53GQLFYHr%2Bw9baerYmfQx8zOU%2FdoK6Guq5PdSwt9ScSDe5bFxu2Istx7NV9wqVcxIwy7lZq3%2BXF64fFMtR9zO9C0QQcU5rsQ641HmP7vsZH1vWQMwygLtxYzRffL0UXQU0Ep7LOFERd4S2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd1bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame A114 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b34452c32ec1393e9f2ae9d849683de6302ffad75c1ea07b272b2612a3e4608

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
610252
cf-polished
qual=85, origFmt=jpeg, origSize=118462
alt-svc
h3=":443"; ma=86400
content-length
48886
cf-bgj
imgq:85,h2pri
last-modified
Mon, 22 May 2023 10:37:58 GMT
server
cloudflare
etag
"e187204ef9c8be7cf929e4efd6627a4d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqdVdhTofFXROcQ4hTG577L9tCn52UeBTpubgSMuiZWW0KpTals1YH2TWelfQAND93j2aSiHrVEDxrPJA%2BkdxbILJ5It1kAMsRk1HvrNggrE2aFhL4HS7THVuhNgi0cFQxLJxdFDZ1%2FlyKrP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd2bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
2aed39855b5f46b777481d90b61d111f
pv.medialead.de/trck/epv/ Frame A114 		0
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C59372&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2CzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91&c=300&d=250&e=&g=8b396a88823e724936078fa7ae8305a8%2F11621732870452224532&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1693430273978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ksjwbck6hsrpq4r5zmj1f2yrnh8g4j6vxjagr6v66xnznr91er5v06hzvdcpthcyecx9trsf7wh6sts7y8v6gnwv8avvg5hzb6zaw61d4esmhzfvy8dkfzfk9f45gkq9ymeck1zbxx7wmag76bp3c2dzs9zs8knwnna350c40bj94qqd5vjbvcv3t9817zy900nhkqhgc4e8em92m73sms7p29j9j6tx9sxq9d9wzqgfvetafgyv8ny7nvwk67v1xjaxhvj0z7698aznpxkj158%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtrSALLvZIDAMo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSGAk_Qymsgio-3KVcbEdQEB3CwKQq7pXfkyBNVlJoUAHFIVzwFKfpOlVTVoboB1_8HJ8qwjjBG6TNIPw2LYaQC8_6_Aux9tLg0wiGILi9jbJ1mgOoKhgfkO9Xp5FMeooH1hc-CVWz4nC96U_PJxEFGOMoRgLNlr0CQbn7sStS_6dsBZR8vTj6SeTFmhyMM52oEO1KVVXommsbt1PqmpbS-80oIpvppx64hOszUPubZ8z_mKZArHka1ssRMyHxJ5UpvvP0hNgmABDRLyxcBcr_ICggPzqWdhKopvPAFubw8M_MGIL9EhsdWJ5I9G6w0vVXOZ8HkE-V-aR7suyV7Wla1X5T3I5Y54tDgBAGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0V-raVe9-PoOH4hx3sRnamfI5vgA%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:54 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Host
pv.medialead.de
X-IPLB-Request-ID
B00A6BED:EA9C_91EFC182:01BB_64EFB202_9B20D6C:22022
X-IPLB-Instance
40027
Vary
Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Content-Length
0
Proxy-Host
pv.medialead.de
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame DD99 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
641084
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiowQGXByY%2BxzzZca7RS5UnOiW4iSBcvoiMD1sqKalHmSpYF5rTj2UL%2BI%2FRibra07H%2B%2FNnudg%2B%2Bij8aECQVwO3oT1hs3OwO8F6n1YVfrRb%2FgUQ7yU27i3QKIJPgle%2FC64lMJnP8DXvg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ff0102d5e9cbad6-MXP
expires
Wed, 30 Aug 2023 22:17:54 GMT
AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame DD99 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
179517
cf-polished
origFmt=png, origSize=60352
alt-svc
h3=":443"; ma=86400
content-length
32982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jul 2023 11:40:29 GMT
server
cloudflare
etag
"0c5d451d92738dcd96474c734dc5b7c8"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDcDJTGsTuaf2BqEl%2BQAVeg0tXZCPOK%2BFoc35fZ%2FzGRPZSm43c2WaMTpkqM5ghDWTBPX84MrPlDzoiBiM1ibGqAqyx%2Bw5aBAgTMXSsTIn%2F1oSeLKFbPdaMN%2FiezElvw4Q1oBuXaQ79ar5%2F4S"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd3bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame DD99 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2452437
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Emk8mgY3WGvBEYP7VW0wIqZp%2BKJS6%2BbCLep%2FSsewo%2FArGpy%2F0o8yvD3yEOePO7pHl6vZEWfr6mhYNRTsFY71qxXbOJ6L4l19KOvqL1yXtxW%2Fd4DOd%2F6yo82TtxIeFNcx1X3c%2ByPAK3cxSeml"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd6bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame DD99 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
613775
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Qsn9YEQYHQFdPjiarqr9krT4iqhQbuWYuEuSQ22zVy3%2BxR6%2Fy95vaYeqSyrZbYYA%2F7vVRjtQ9Zb32qXZYgFDFv%2FPx3fOpYDV5%2B8bxYyxfX6eEq%2F4woDCuGz1zPzatOlytJV%2FoohTKW2nsc2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd8bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame DD99 		699 KB
701 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1874080
cf-polished
origFmt=png, origSize=1123807
alt-svc
h3=":443"; ma=86400
content-length
716228
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Jul 2023 14:19:55 GMT
server
cloudflare
etag
"5f84457cb2289c51e589af098eed3611"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95O7%2BVwjpG32SqzwXGUP5zmA1XQXhLcUkcOmioXsVZwXjVw5b4WZEI612D8QHrkbbDlhtJCSbj5oAToC%2BSj1gorttKuE372AtZkv4Eb9D853JHny4rZCvbfcGV3J3WJ6Furg%2FFqrC3oTNVVc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d5dd9bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
ztpv.php
www.conrad.de/ Frame DD99
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1693430274_aef702f0-477a-11ee-b98b-2233369fc7ee&insert=AW&&gdpr=0&gdpr_consent=
0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1693430274_aef702f0-477a-11ee-b98b-2233369fc7ee&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
7ff0102fbb6b0e6d-MXP
content-length
0
expires
-1

Redirect headers

Date
Wed, 30 Aug 2023 21:17:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1693430274_aef702f0-477a-11ee-b98b-2233369fc7ee&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame DD99 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1257837
cf-polished
origSize=62828, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
54937
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOGMwCqhGEj1iTzOzRdXRemR3h9AgMFHW7scxtUv8tjgtE%2FRL9OKhXK5Mi932Dhid6%2FT%2F%2BwLFRAgm4VF26BnaNTpyHrbE0VpU3MIjyuSoiT1dBVPp1xRZKGnEnxkLis4ceonl7m2YfeHymtZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d6e14bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame DD99 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155694
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp%2BRynW9X3MlalKQICIq%2FGqIihMLxuxK0Z6jaAmtEuTq0up3ucvcBei2A1qGJ0jlLPdJXANlUZ8v7Vh4OEYz263F3kDdZU42LT0JcKDQLATBawWP0DvWzpCRn9VxFFoHN%2B3KK4qLy33jaJmM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff0102d6e19bb0b-MXP
expires
Thu, 31 Aug 2023 21:17:54 GMT
cshow.php
www.awin1.com/ Frame DD99 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-213-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:54 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame DD99 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hzmts0ft36mkca6s4d30n9anvcwk164gp7tfc31s6eqzpthhx2g4k2bhd8qcdz703408ch1rtqkcj16vvsnk4c9m5tgyxmxzvfnca8nwm65agbr3w7gcx3b45xhz5jgxf71xjk7kqs2rqw7nbg9a29h23btf8r4fr68q5k464pm652bgza2vc9p3jndjtv9fww7n9jgpact9r8t2bv4fsxwwx5p3945d744twr8xcz95yvvj6nanns8sgvanmgjqr2cr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%252526client%25253Dca-pub-9602519502618262%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
afe11529cfc38dbc6bef6006e2eebc65d0b141e1676fd1ea39e2ad2f974b15d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
last-modified
Wed, 30 Aug 2023 21:17:54 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 30 Aug 2023 21:18:54 GMT
/
onetag-sys.com/usync/ Frame 1745 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pvClk.min.js
analytics.webgains.io/ Frame DD99 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hzmts0ft36mkca6s4d30n9anvcwk164gp7tfc31s6eqzpthhx2g4k2bhd8qcdz703408ch1rtqkcj16vvsnk4c9m5tgyxmxzvfnca8nwm65agbr3w7gcx3b45xhz5jgxf71xjk7kqs2rqw7nbg9a29h23btf8r4fr68q5k464pm652bgza2vc9p3jndjtv9fww7n9jgpact9r8t2bv4fsxwwx5p3945d744twr8xcz95yvvj6nanns8sgvanmgjqr2cr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%252526client%25253Dca-pub-9602519502618262%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 16:40:54 GMT
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 14:11:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
16621
etag
W/"cb7accb6a6fc086cd831549a78a2fe42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
lVnh-esyBxbYYPKz3VywW6rMmiDbPaWxV1QgmBumU10tSD69jznX1Q==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame DD99 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1693430574&Signature=Sxk39dGk6ZsKhhSvDjjNkQBa2CcMuhXYY-1DbJxApzfy2X5VRnvQDB5jWfo9fOA4cx-mdPAp4kWMUe4VvXswRAAMGEXhBD6Nf4LUSIWTeV8exbWwaGI3tc5KzAmS4nwcVOxSw-ceyltMEHaQVuiJf2Y9o9~mya8nRy9s2CG225LrEGPHBm~UfJF-d0wY0-hCYKqPqkK51zEY6oliCFd1BMsmqgaWLZ9abaJgYMgt1QobdBhAV7SMhkNVmBpwEcmO~QJ4JbN2-UWFBzuYIK7-HvKVB0mRgp3pMPJ1J~auJ7KvO0gy-pOTBFtVBc2Nx0tfF-4U4Gy-qonfi81Ct1rBAQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=6df2ba62ff2c9bcd4832251b7f65f1c3%2F17485580453224571119&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1693430273982&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4z5ee7b9ahwejkms86xhcvrcgqwt6kn7zpmzzzmw9pa7s7xspspv98ktdz1nmp8p4smcpsskvdjhhb096b15cw4f4g0sk8t3gsxzwmh33btx43t90384eqx76cy3wz3q7c223v2jma5d8e3ky1p923nk1aec4abzp8m1y9s2vt31bavqqctqymgq6pwcv5t66jat092caarxypmk5jkpnsa2xe617fw30g4n546wmwvhrbs7mz1ykgfpxessw6jmttrwxfa2abwxjwvr16vp90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrBrWALLvZP2_Mo_O1gbS9IOIC5DhgYRctqjCivACwI23ARABIABglaL0gZQHggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAqR8zzX7PrI-4AIAqAMByAMCqgSIAk_QdvDUobn3qzvN1EJbIkvhGvXmqtyOeANQVW50jCzcEpcuPumdFmlPVX2xhYZ1f3iVMBPJr8283DDIqIiy15BGyJORYbwW7-jqJaaOOA73LV82_r_HNeBN2g85LEtcISYEOXv9R4VzCSKu4ffNomuaBYk_cRofJjq62-gBS9q-8LY1Z_CWlZkjINh_zF5aLbSeD5T-9JXh_JU9qnHMKSexkDvNwWLm1i58KJu3GTubFFUhkIsT4wivcqEehuvT7LiSGrClE22B3LANHfC4HiwCTCB78k-hLv5IL1IV2Evnkn2Ueom6-2Io_0H1woFx6qEhKHLOeD6cZwrzwUaMx-VVzjkWf-dOyuAEAYAGx5G4oZi-xt9soAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_03zBUXCTb_-1Vm2waprvI2ivPxpw%2526client%253Dca-pub-9602519502618262%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 30 Aug 2023 08:17:16 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
46839
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
2XzmuUFNLQZlekouV8Ow7Ml5LkJDicdpkrsJOuPWF-DWGnO6DCLFGQ==
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 21:17:54 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 21:17:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8891 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvei2sqnZL1RSGNxIvNif5i1qiPQzJf69YPTa-ahH9aoXWy44O7VaA9pKKQoeJVWxG_P30SbWDeIFFeovRI-HX74VjUWxiduRMSbKn6&sig=Cg0ArKJSzKx3N7H1A9J1EAE&id=lidar2&mcvt=1000&p=473,1077,723,1377&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3798138915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693430273250&rpt=436&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FAB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZHIUk6kxCQsnvBldyaPbjrSH7MA2nM8Q0ho5WSO5bOTZ356967Fm_ZCsnlz4EiaFwkIMCEFk7ycLLscdVL9WPqrFXYK0kFx5nfqE&sig=Cg0ArKJSzEsrnc_Sv-ayEAE&id=lidar2&mcvt=1003&p=346,372,746,952&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3944560474&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693430273241&rpt=405&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d38e36b243d59eca2f54758553fd507605fa93431b16145729ca4fddd58e02f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11656
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3D60 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:54 GMT
server
Kestrel
server-processing-duration-in-ticks
242205
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 3599 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui4ZH54oENGUiv91kZpt8CscVigAXc9okbiFsrBYngX2Eh8UJOme7j9XVpekJhI58zE6Pexlov9rb-oc6zaK0eLbtY_jmJyhAI5MUV&sig=Cg0ArKJSzFeEX2Hbr-A4EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=840525636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693430273220&rpt=402&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077464
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 21:17:54 GMT
all
csm.eu.criteo.net/ Frame 3854 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=El7tZ2NqQKaRZfrUPoii2oD-F-ABYd7gdo-XZsA4Am5J8Sra8n71EjK5shZ5wOsQrflksXTncwgtX4xo_nkcHBf0WhSNLS5klh5GBXDqWS88vawUz__OX7G6thb4CPrtEuIX_Cb2g3fi_6Dv9lxwKZId1fK_JbyyG57WCY8NyVzaMxv75SrkgHx1LR9MYBX8veSGvmlR1aw_ek5BRHNbQN-vyGe-GgcNBXCPnjjHGe6kdaBH_ziJ4Cyj8QRMBhYXQ1qy5A&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO-yAAAMn_4K1acPAAD6Ul4bpn99vQDM5IgTyw&u=%7CCMesMIer2%2FvB2M2FKBsbS9t7YbqGFYASoZ%2FcZBgWHuc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANe32B4ZSOB9qIfIPm_t32IHxRU9MXJ3_pYk2N0iIvy-WsatR2SRKD1fYiy_VAo8khGQi88uAWtDrlUD3Ldgi1Kprb_pLttr1Q80ydgEvGyxKu9IgQzBtSrDvEptG9cVAIJIyhkjFxsjo-VHM9GFTYoxUXsHFGWS2AZcrBap8ig1D1Vl3TAWVSf_MaQumPZJTjvxc080KgnF4Nk7XAd3akCDGe_jr1Hb-y7prAVzY2RrNxzfjTxjoYosBzMKUbLkCkRHWWnQpwStsX7YGtNf3agyt-v8cd63JDxHZ4Z_2kv_lv5ff2CAkoSTBR1tvBIIl_YexgtzP0CjnUG_KwosJ7EBH-auVuHL_Zf7-joVBxnf4gtc135kA8xfqUyWJ1m5W4BRS3jDWSKGGC5ytmnr4VkGq1v92f0rMkjpbGj8mkprlfeMHCZzPcNB7ZYxPLIBA_tb_usUjpe3v5BqtYujU7eSdc8Q_HKpKoU-KZyJWSPpx6FMbP8JBqzkhtuvbxiO-THF968mr1I5Iz1yxt1dpxOPgz-vMvnWeQYNSn_AuozK-YHOzVw8cDk9fzJ9zVHzI0Cv1pW9MRX9aScPgCYym_V_lCO2TNW-S9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNxxHALLvZP6_Mo_O1gbS9IOIC8me0rFc1Z2R93DAjbcBEAEgAGCVovSBlAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCpHzPNfs-sj7gAgCoAwHIAwKqBIYCT9BYtyC9nMHyYI1ocZo5ohJoTcf6RZZECb20UM3vsmyyUAJTOJz9X90121c7BrIxu8cAV_bGMz06s5HVEdpaJ9qM9V1GpAVix6Cbktf_mwW2nDE6LiZcHNDXAs6Mydmx2_FhZw7LDPx9V2mIbXs_habdKdmma2UrIhQVmr9OmFXalx_ZEW8PXgfOQG1ZEdD6i1_ODzzge2ezngl2BL1gVxLRwvC-L6CGsDZb4EV6xDKUAUE1MeNMKjHJKDHbLNbotqfNFeh-JzMcN6Cs3XLDcjI9lYv0o0bCZuAFBvxYGi7N-InM9tfQqg-Yj5FSudXjVnqJKH8hs5o54DQOEbZ_B1TdNm2sr-AEAYAG34u-2JSpp-VUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2p3vcoB-Z0MbCLWFbK6c-IzEwQpA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C47 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 20:52:11 GMT
expires
Thu, 29 Aug 2024 20:52:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 26DA 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
34a2d107c8068df21c0f422817cd6910b483446908e22f2397db1ebff94b6b16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-llExGSd3EiMdZElZFSUo8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-llExGSd3EiMdZElZFSUo8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:54 GMT
expires
Wed, 30 Aug 2023 21:17:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 3D60
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=NUcUEXxvenRvRE1xd01FRHI5TlVWSURLQ2NWQ1IvUlZxVndmcVl3bUUxUVhMNThseXVSbnFSYStsZE1VeUtMbUNZZ0pKQnZjY21Ua0tJZUFhV3N0UFNNVWJLNTlya2xDTzBZL3loRjF0SEpTRWE5aElRZ1ZvbCtwcGVlNj...
422 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=NUcUEXxvenRvRE1xd01FRHI5TlVWSURLQ2NWQ1IvUlZxVndmcVl3bUUxUVhMNThseXVSbnFSYStsZE1VeUtMbUNZZ0pKQnZjY21Ua0tJZUFhV3N0UFNNVWJLNTlya2xDTzBZL3loRjF0SEpTRWE5aElRZ1ZvbCtwcGVlNjN4UlcwWU5YNVBGYlk4cWlidVFOZmVhYmxLWW1sZC9MVVJ0WEkzclU5NU1wN0xad2tpU0E2V3JlMjVoTVFMQ2JVUTJSU2VKcVNGcVY0MCtkL21Td1A3eWVJMmJhWnMrS0tZRHQ5bm1oN2kxd043Wnd4NDlta2JDQ0JicE93ZzJzYmtyd2dDcUh6cnp2ejZ4elpvcG1Qc2l3UDFuV0haQT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c8590d1ff746101aed27ee901541ed60ce68e5c1925211610d25db1f23a62022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1291252
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=NUcUEXxvenRvRE1xd01FRHI5TlVWSURLQ2NWQ1IvUlZxVndmcVl3bUUxUVhMNThseXVSbnFSYStsZE1VeUtMbUNZZ0pKQnZjY21Ua0tJZUFhV3N0UFNNVWJLNTlya2xDTzBZL3loRjF0SEpTRWE5aElRZ1ZvbCtwcGVlNjN4UlcwWU5YNVBGYlk4cWlidVFOZmVhYmxLWW1sZC9MVVJ0WEkzclU5NU1wN0xad2tpU0E2V3JlMjVoTVFMQ2JVUTJSU2VKcVNGcVY0MCtkL21Td1A3eWVJMmJhWnMrS0tZRHQ5bm1oN2kxd043Wnd4NDlta2JDQ0JicE93ZzJzYmtyd2dDcUh6cnp2ejZ4elpvcG1Qc2l3UDFuV0haQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
286532
content-length
0
expires
0
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 2C47 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
110885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:29:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 26DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308280101&jk=935239145419805&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2C47 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DBFfFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.168.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-168-253.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:55 GMT
server
nginx
tracking-event
api.webgains.io/ Frame DD99 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.168.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-168-253.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A73F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: pastelink.net
URL: https://pastelink.net/sxanhomm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21925
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Thu, 31 Aug 2023 03:23:20 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame A73F 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97857278&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a5e5648e26f0e9d61356cf84183e1ef1b63cbc92caa8476aadbd04fecae44743

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:17:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame EDA6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:54 GMT
expires
Wed, 30 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
982775
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E65A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Aug 2023 21:17:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GMHV78KH6DYFV5SJVGZS
Pug
image2.pubmatic.com/AdServer/ Frame A1C2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 569E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8922632082486160958&gdpr=0&gdpr_consent=
42 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8922632082486160958&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
65989bf9-23fd-4217-862f-a2cb526c081d
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8922632082486160958&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 872E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273227640611928218&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273227640611928218&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 21:17:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273227640611928218&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 4E7F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MbtkqGTcW2dNwrNZRB8WaLAKa-0&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MbtkqGTcW2dNwrNZRB8WaLAKa-0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 21:17:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MbtkqGTcW2dNwrNZRB8WaLAKa-0&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 64AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO_yAwAMosSvAQAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6929-MXP
x-timer
S1693430276.554685,VS0,VE103

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO_yAwAMosSvAQAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6929-MXP
x-timer
S1693430275.436801,VS0,VE99
Pug
image2.pubmatic.com/AdServer/ Frame B0A3
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame EEB1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFczdVN0ozMlFBQUNWZmpxaTUzUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEs7U7J32QAACVfjqi53Q&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5824489679850151208&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAEs7U7J32QAACVfjqi53Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5824489679850151208%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5824489679850151208&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEs7U7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEs7U7J32QAACVfjqi53Q&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEs7U7J32QAACVfjqi53Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 21:17:56 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEs7U7J32QAACVfjqi53Q&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame ACE9
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 5AF9
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926951602493
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926951602493
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 30 Aug 2023 21:17:55 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926951602493
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame D274
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:17:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 851D 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
Pug
image2.pubmatic.com/AdServer/ Frame 49FA
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4587697792382255801
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4587697792382255801
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4587697792382255801
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 11E8 		43 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame DCA7 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Aug 2023 21:17:55 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-1848793ac589@version_1.568
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 524D
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cih5oky3kh7
42 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cih5oky3kh7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1cih5oky3kh7
lws
35
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 33C8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=fa2a563ad4c3b4ca/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=c28efafee62e3c4f83505e281543f0a6&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMgXgVUYgQWjYhWjg&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMgXgVUYgQWjYhWjg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMgXgVUYgQWjYhWjg&gdpr=0&gdpr_consent=
setuid
u.4dex.io/ Frame F7E6 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A73F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b8NuPusMSeaKmrdk4r5ccQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21925
accept-ranges
bytes
content-length
5606
expires
Thu, 31 Aug 2023 03:23:20 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A73F
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
52.50.102.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-102-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.118
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.29.28
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame A73F
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=592136719
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=592136719
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 21:17:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 21:17:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=592136719
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame A73F
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDgyMnNYbXRCYy1UbjYtM1ktNVBFbmViQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5695076676199403673&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
52.55.229.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-229-9.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZDMzZFM0UtRUIwQy00OUU2LThBOUEtQjc2NEUyQkU1Qzcx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO4FOPy7epHMWPGichQ5lBk&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO4FOPy7epHMWPGichQ5lBk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO4FOPy7epHMWPGichQ5lBk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A73F 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 29 Aug 2023 21:17:55 GMT
generic
match.adsrvr.org/track/cmf/ Frame A73F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695076676199403673
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695076676199403673
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695076676199403673
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A73F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:999f:1d55:f8df:b156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3B.ol.9E2uUcm8adN0.cVhYN_IF.Hg0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3B.ol.9E2uUcm8adN0.cVhYN_IF.Hg0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-3B.ol.9E2uUcm8adN0.cVhYN_IF.Hg0-~A&gdpr=0
date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_bb8590e6-5a03-49e1-9334-a963783a7bb5&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1e3ad045818b182f&is_secure=true&networkId=17100&version=1&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH7sG4QN45cANwbUvDAAAAAAA&expiration=1693516675&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH7sG4QN45cANwbUvDAAAAAAA&expiration=1693516675&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH7sG4QN45cANwbUvDAAAAAAA&expiration=1693516675&nuid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919021736534392851&gdpr=0&gdpr_consent=&us_privacy=
1 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919021736534392851&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6919021736534392851&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f79f1f46-7cb1-440b-b765-73889023ef05&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f79f1f46-7cb1-440b-b765-73889023ef05&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f79f1f46-7cb1-440b-b765-73889023ef05&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 30 Aug 2023 21:17:55 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame A73F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64a79794-ccda-4083-84d7-13e1b48e04d1-64efb203-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64a79794-ccda-4083-84d7-13e1b48e04d1-64efb203-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64a79794-ccda-4083-84d7-13e1b48e04d1-64efb203-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308280101&jk=935239145419805&bg=!a2ilaCfNAAYHwnCgJ8I7ADQBe5WfODpwqp8oaYwqXtAwe5tQ1J7pCGMNl0kc-6NTv8TuiiBX2KPJMgzguLMtKzCeRNHKAgAAAE9SAAAAB2gBB5kCtZqJhMGEzQR-BXdUmMxeW766KUVi-tuuXZvqfEph7ji7R8S8LrYmBYw8dSjzbijepaPKk2LOIaju1JHE2RtFujtxXz0AlLDLuKCl-XbrqxM7e12Suv4Cq-1E5kScsVNox0IF8epE1Poy9Txzy5bq9liboYCyIUFmk0ln8x-q0U-QaAfr9INmTSAz4vvziyTYrJ-gYDqRnb5EndInjSDXEksgMdyHOiGb4joyNnNp29nxJme-IxIib6stQSOhHKRkoNrwZDMnfHdMV1tZmke7-wljJhN2wUjynmBvSW8SeagDsH0XcrNWIZH28-q0gUql4ZBQG-vWwTVv6_IPJR5Z3KKEzDnS4CNhqyPyaon4sh_rH6GhGriUkkPtIyx80Ccc2aacrRJmJYkRtR04npf8Voz59hM6UK38K0wMN57J3hQk4K_llwgs7spHvHfW5aH2Jyfh1gdxGfR_Ub9GNmjYcMcTq3HNSn3OiKKZ4ZCgRE6RwAF3GwDUvk7xUZMOy-2-z4l_je8hWuQLRj0pHmuqKNQfBiePfFl8Xx5XCS28m3fxc3n35r0No7Kc8OuD0T5kYhfbdnu0kquFpZs_5V57OPLIoEUfL7Fvt3L0V6ldVgWkaccCpOky58gJMKDLaxGita_QFWLvMSa5gNrRUDvelfj3K06chz7rt9zyd0jol132A2FFeGjGCW6YbnTCRSvvECDIZvANVHbslJ6ZEXpVadxnWEwDkmdBBymsGvptyLgIu2huqLwRlHoSx0solVdd3k9ICXWA6uxBKqO8V_2PKumZYh7xHk7zcF6nVTLOJ77HePgh54Jpr0TDzs4awAaXFiqsCEpnhOLaKGokQOMzZIfgE_-VZqhjAaRTrwC1vsANYoPJ2-R7cTKg-rAa9A5QGeVl_BFmQ7oEzAQ5JZFwjf6eGQilzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3F80 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Aug 2023 21:17:55 GMT
ETag
"623de86a-cf34"
Expires
Thu, 31 Aug 2023 21:17:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A5BE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 21:17:55 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 71F8 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b305e2efe8274f4241467a9e90f7a26799ad94bc6205f184c24c32518279a09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8500
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Fri, 01 Sep 2023 21:17:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3127 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21925
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Thu, 31 Aug 2023 03:23:20 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame AC5F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.9.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-9-59.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
34389
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 11:44:47 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 1a3a682cf8d843fe52f3224f60584fac.cloudfront.net (CloudFront)
x-amz-cf-id
dwLMkU5hPjPgrFCZLMwxaHvxCEV8xq-bLyM931kqPfOd-J7e4IAHJA==
x-amz-cf-pop
MXP64-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame B67B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693430272163
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1693429800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14301236-b30d-4572-89e2-566ced4d04ad&gdpr_consent=null&gdpr=0
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14301236-b30d-4572-89e2-566ced4d04ad&gdpr_consent=null&gdpr=0
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:54 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14301236-b30d-4572-89e2-566ced4d04ad&gdpr_consent=null&gdpr=0
date
Wed, 30 Aug 2023 21:17:55 GMT
server
_
content-length
0
smart
sync.adotmob.com/cookie/ 		0
0
/
b1sync.zemanta.com/usersync/smart/ 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
v1
match.sharethrough.com/universal/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.60.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-60-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=c9fee066-4897-09bc-23e4-cb7a42167a5f&gdpr=0&gdpr_consent=
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=c9fee066-4897-09bc-23e4-cb7a42167a5f&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Wed, 30 Aug 2023 21:17:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=c9fee066-4897-09bc-23e4-cb7a42167a5f&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.js
eus.rubiconproject.com/ Frame A5BE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 13:28:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58212
Connection
keep-alive
Content-Length
10124
Expires
Thu, 31 Aug 2023 13:28:07 GMT
13926
g2.gumgum.com/usync/ Frame 02E6 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.44.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-44-5.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8de110accfe1025599e27c953681e073acaed472e1249aabcdb827b6fd46fbcd

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 30 Aug 2023 21:17:55 GMT
etag
W/"06ce2c7c33678182ea74664477b75bb66"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 4F8F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame BEAB 		700 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
65ea378dd2262ef5b076d65b7dfefe122b1f79133d8704aa736e29862b8b81d3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
700
content-type
text/html
date
Wed, 30 Aug 2023 21:17:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 60A4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80b6730173ab2f8a05d7fa126220dbb7a94df519088cdf04db4403711e41a5b8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7ff0103808bf01e7-ZRH
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Blo8Jn2NJmInzggufye%2B4vC%2F%2B3EdflcwY3G1fM4l0KNKu5Zd%2F2tVfa%2F6unBTDLxsxUWNSMN%2FqT%2F3QSOO0gHBwINZ6TECxZ9Nb2o4WoqMG5PcIr2rkiy42yFiUz99b5m36tW8Clpi%2BfQJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 859F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 21:17:55 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC9A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21925
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 21:17:55 GMT
expires
Thu, 31 Aug 2023 03:23:20 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 674C 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
cf7f3001fad53dc155ed9da610f3de947063ceece4f114a9d1bbb4013c46a5c8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Wed, 30 Aug 2023 21:17:55 GMT
server
istio-envoy
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-id
xahlcSPisBeD-8XKZi7FviGX1l6bQ6CAQ_eOTQRyDT_HabimqJT4Hw==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
4
user-sync
sync.adkernel.com/ Frame 2795 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Wed, 30 Aug 2023 21:17:55 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 23C4 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
3e6e2018c47182da6ac5c019a4b8387f1c4a4854a87c8fcc4a795f81c44b9d8e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8922632082486160958
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8922632082486160958
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
an-x-request-uuid
d35e42a5-5996-43b9-9c18-6c5a986a50a8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=8922632082486160958
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=HPUdrGZHRzlMC3YvQeOt9Aq4
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HPUdrGZHRzlMC3YvQeOt9Aq4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HPUdrGZHRzlMC3YvQeOt9Aq4
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame AC5F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 21:17:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/ Frame AC5F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1693430275927
  • https://ad.turn.com/r/cs?pid=45&rndcb=1221746816
  • https://sync.1rx.io/usersync/turn/6919021736534392851?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-977dc5cc-7...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
date
Wed, 30 Aug 2023 21:17:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX977dc5cc75bb40faaf7c097cada75d38003
content-type
text/html
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084926951602493
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084926951602493
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084926951602493
Date
Wed, 30 Aug 2023 21:17:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=5c1a50a0-08d1-4832-8f4f-67c491f6b8b7
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=5c1a50a0-08d1-4832-8f4f-67c491f6b8b7
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-34
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=5c1a50a0-08d1-4832-8f4f-67c491f6b8b7
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame AC5F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-8b3fa40f-7a60-37a4-8e93-510870631545&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
0
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame AC5F 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.60.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-60-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 30 Aug 2023 21:17:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 30 Aug 2023 21:17:55 GMT
sync
ads.servenobid.com/ Frame AC5F
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=09b96458-8e5a-414a-b99b-c4233a8ad73e
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=09b96458-8e5a-414a-b99b-c4233a8ad73e
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=09b96458-8e5a-414a-b99b-c4233a8ad73e
Date
Wed, 30 Aug 2023 21:17:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
async_usersync
ib.adnxs.com/ Frame 3F80 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
an-x-request-uuid
d7352293-1004-49b4-ad2a-ef5a3a3aa257
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame BEAB 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5824489679850151208&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame BEAB
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1693430275927
  • https://ad.turn.com/r/cs?pid=45&rndcb=8317792026
  • https://sync.1rx.io/usersync/turn/6919021736534392851?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-977dc5cc-7...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003
date
Wed, 30 Aug 2023 21:17:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX977dc5cc75bb40faaf7c097cada75d38003
content-type
text/html
redir
rtb-csync.smartadserver.com/ Frame BEAB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEs7U7J32QAACVfjqi53Q&partnerid=127&gdpr=0
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAEs7U7J32QAACVfjqi53Q&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAEs7U7J32QAACVfjqi53Q&partnerid=127&gdpr=0
Date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame BEAB
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=903d3c8dd2313523eb6284def3fe8db6&gdpr=0&gdpr_consent=0
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=903d3c8dd2313523eb6284def3fe8db6&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=903d3c8dd2313523eb6284def3fe8db6&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
13
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame BEAB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 859F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 13:28:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58212
Connection
keep-alive
Content-Length
10124
Expires
Thu, 31 Aug 2023 13:28:07 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 60A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUeXboVc12cL8WsjRao%2BgjrqsstmFNzEeTt1Pu8UVjrgPbZ2P2XzqpdUjj9u3i6avxmo2LZSpmAHgpHyEdoMsJ5qFrtqi8wN%2FIpRVy6wfpQTXs66WyS3HzYKjousjK%2FzJsSYbVMtuuqyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ff01038a97101e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKflK0GZEQgOEAWsljwqB6k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 60A4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1CQN373R7328GHNZZD1N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 60A4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO.yAfpKZJCuTs6y.s6EZQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASWx2HsN-Hp4H0qqzAJsUc&google_cver=1&google_hm=2
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASWx2HsN-Hp4H0qqzAJsUc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jc%2BsV1JqMS1%2Fp5uwmvd26LwnOEp8b%2BrdsW3X7UpbYzdcSE285Cwd2q%2BbqFQYGh7dpkroVvn%2FmqHyCk9oImVTdRswzEepK8vtss%2FEZx9BBoZP0zCZxg4QVPADGmPKHneS1F2bGkQdFjGkYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ff0103919e401e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASWx2HsN-Hp4H0qqzAJsUc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 60A4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 60A4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3605:999f:1d55:f8df:b156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
date
Wed, 30 Aug 2023 21:17:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 60A4
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=14301236-b30d-4572-89e2-566ced4d04ad&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=14301236-b30d-4572-89e2-566ced4d04ad&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI9UVl%2B8XaSTGqqkSijJOw8jsc%2BSLB1xNU1oy4tUhbGgYj4RQj%2BdmRIocxec1m6uSJXTSODBMwXFNpCiiApMEb%2FT2x6i1DOUcuvhiG3%2BPtpwETXY1wCQqTmVYdSpBsRZO81NUiLwuhsigA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ff01038ce8d01f8-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=14301236-b30d-4572-89e2-566ced4d04ad&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Wed, 30 Aug 2023 21:17:55 GMT
server
_
content-length
0
31327
i6.liadm.com/s/ Frame 60A4
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2b6d5a57b95c42b69a39ca8f82b34810
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&gpp_sid=&us_privacy=&gpdr=
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&gpp_sid=&us_privacy=&gpdr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZO.yAfpKZJCuTs6y.s6EZQAA%263369&gpp_sid=&us_privacy=&gpdr=
Date
Wed, 30 Aug 2023 21:17:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
rum
dsum.casalemedia.com/ Frame 60A4
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=19896248db56182f&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM2SC-PMirWAMcb71xAAAAAAA&expiration=1693516675&is_secure=true
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM2SC-PMirWAMcb71xAAAAAAA&expiration=1693516675&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwmyvBUAOkVuoB1HaLU61207X%2BkVJtoqYe3a0tr5SIBhYO%2BK3WhyiBZE%2BtO3fBBd1glkKfNlxCwO%2F70jLM%2BXsIjLuMAIQWWerUXQ6%2B%2BaJ0wGjTwO2K8Obax%2FU0iyyFxPG4uGH2OV"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ff010391ed301f8-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAM2SC-PMirWAMcb71xAAAAAAA&expiration=1693516675&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 60A4 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 859F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LLY8NSMS-J-C6EW
  • https://ads.servenobid.com/sync?pid=323&uid=LLY8NSMS-J-C6EW
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LLY8NSMS-J-C6EW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LLY8NSMS-J-C6EW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
log
hblg.media.net/ Frame 71F8 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=chlog&reqId=336066393322215741693430275958&fs=2&pid=8PRW23HG5&cid=8CU18831I&itype=PREBIDNone&bs=2&bi=30000&ccs=8&svr=2023082808_198&gdpr=1&csex=0&usp_status=0&usc=1&lper=100&tr=358.693125064103
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 30 Aug 2023 21:17:56 GMT
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8922632082486160958
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8922632082486160958
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
an-x-request-uuid
923cc26f-92bd-4a1f-b04b-43f8e2db57ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8922632082486160958
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=d707e1c7-b780-4068-a04a-4fb217f1576b&ssp=gumgum2&bsw_param=e28551c6-183a-49d1-b6ab-b5e2b935f090
  • https://usersync.gumgum.com/usersync?b=bsw&i=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=e28551c6-183a-49d1-b6ab-b5e2b935f090&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 30 Aug 2023 21:17:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame 02E6
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28qvlZi1tp9bGt5zJ_HuaHoaqufmUrs7LUp6adxPZLUiU3HJcljp5YEBYuDUag2q1t%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&obuid=ENC(qvlZi1tp9bGt5zJ_HuaHoaqufmUrs7LUp6adxPZLUiU3HJcljp5YEBYuDUag2q1t...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
no-cache
X-TraceId
be0acce2e084ebe0bf48b9e314b49f1d
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Wed, 30 Aug 2023 21:17:56 GMT
X-TraceId
c51ab0091d83fa40121b504333515fa7
Content-Length
0
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=2b4ad3ee-f140-0e86-030d-65abac55a0df
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=2b4ad3ee-f140-0e86-030d-65abac55a0df
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 30 Aug 2023 21:17:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=2b4ad3ee-f140-0e86-030d-65abac55a0df
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-31bb64a8-64dc-5b67-4dc2-b359441f1668$ip$176.10.107.237
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-31bb64a8-64dc-5b67-4dc2-b359441f1668$ip$176.10.107.237
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-31bb64a8-64dc-5b67-4dc2-b359441f1668$ip$176.10.107.237
Date
Wed, 30 Aug 2023 21:17:56 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-yvkmXhtE2pdSC2H_3aUdEUS.7tXoPLB8vn6A~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-yvkmXhtE2pdSC2H_3aUdEUS.7tXoPLB8vn6A~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 30 Aug 2023 21:17:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-yvkmXhtE2pdSC2H_3aUdEUS.7tXoPLB8vn6A~A
content-length
0
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=7ef48c92-d570-43d6-b8b1-66effa0d224d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=7ef48c92-d570-43d6-b8b1-66effa0d224d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=7ef48c92-d570-43d6-b8b1-66effa0d224d
Date
Wed, 30 Aug 2023 21:17:56 GMT
Connection
keep-alive
X-CI-RTID
66bd9855-3ca0-4fbe-b36b-9e8ca9722264
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 02E6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:55 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=1z9pjnD7JadfE1GJpCmM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ML2HFYGU3SEG5FGCZDGIUYUOSTQINWU2...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=1z9pjnD7JadfE1GJpCmM&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=1z9pjnD7JadfE1GJpCmM&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=1z9pjnD7JadfE1GJpCmM&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=1f9e37e5-8f83-4c0b-9eca-7bb613a30211
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=1f9e37e5-8f83-4c0b-9eca-7bb613a30211
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=1f9e37e5-8f83-4c0b-9eca-7bb613a30211
access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:17:56 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=PduutcMOVcaq&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=PduutcMOVcaq&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=PduutcMOVcaq&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1
usersync
usersync.gumgum.com/ Frame 02E6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5824489679850151208
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5824489679850151208
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5824489679850151208
date
Wed, 30 Aug 2023 21:17:55 GMT
content-length
0
sync
ads.servenobid.com/ Frame 02E6 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 113C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZO_yAwAMosSvAQAb&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZO_yAwAMosSvAQAb&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 21:17:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 30 Aug 2023 21:17:55 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZO_yAwAMosSvAQAb&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mxp6929-MXP
x-timer
S1693430276.998757,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 8BD1 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wZWNiMjNmOC0xOTgxLTQxNTQtOTE4Zi0zZjJhYTZlODY4NjY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:17:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D37 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21924
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 21:17:56 GMT
expires
Thu, 31 Aug 2023 03:23:20 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame E74F 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 30 Aug 2023 21:17:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame C877
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZO.yBMCo8XcAALUOgEsAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZO.yBMCo8XcAALUOgEsAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 21:17:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 21:17:56 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZO.yBMCo8XcAALUOgEsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40329.dc2p.scaleout.jp
X-SO-IP
176.10.107.237
X-SO-Key
ZO.yBMCo8XcAALUOgEsAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"176.10.107.237","key":"ZO.yBMCo8XcAALUOgEsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40329"}
X-SO-LB-Hostname
m-tgng19.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40329
gumgum
cs.admanmedia.com/sync/ Frame FE61 		0
0
usersync
usersync.gumgum.com/ Frame 4C0B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=60DwKxBWxnvwV0l2VsK3&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=60DwKxBWxnvwV0l2VsK3&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 30 Aug 2023 21:17:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 30 Aug 2023 21:17:56 GMT Wed, 30 Aug 2023 21:17:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=60DwKxBWxnvwV0l2VsK3&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame E547
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 21:17:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 21:17:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8922632082486160958
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&ismms2s=1
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
127
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=WoExh590mEu6&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=WoExh590mEu6&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=WoExh590mEu6&ismms2s=1&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-n9phv
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=967161821137818086545&ismms2s=1
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=967161821137818086545&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=967161821137818086545&ismms2s=1
date
Wed, 30 Aug 2023 21:17:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1452e959a-a6c7-0984-1cee-6cb124062b7c
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1452e959a-a6c7-0984-1cee-6cb124062b7c
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21477'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Wed, 30 Aug 2023 21:17:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1452e959a-a6c7-0984-1cee-6cb124062b7c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
date
Wed, 30 Aug 2023 21:17:55 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
minute_media
cs.admanmedia.com/sync/ Frame 674C 		0
0
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO.yAfpKZJCuTs6y.s6EZQAA%263369
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO.yAfpKZJCuTs6y.s6EZQAA%263369
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21476'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFfsYHUCaED4dk18Q5KkuXpgSevsuqHUlpP2L9yDvVegwqrG2vFFKAuxSDPYdmAgXkaKHRcw6IZziFEZ0M80KAdzlKD3RYCA8iqguCniTGqIy8soEaC1jMt%2BwE4bEGdwyiRfUfF6HqmgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZO.yAfpKZJCuTs6y.s6EZQAA%263369
cache-control
no-cache
cf-ray
7ff0103919eb01e7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21515'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=&ismms2s=1&gdpr=0
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
103
Content-Type
text/html; charset=utf-8
pixel
ap.lijit.com/ Frame 674C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 21:17:56 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D%26ismms2s%3D1
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D%26ismms2s%3D1&crf=1&rts=-90...
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=da6c0f14-7860-52f3-ad01-19cbc9eeabcf&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=da6c0f14-7860-52f3-ad01-19cbc9eeabcf&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=da6c0f14-7860-52f3-ad01-19cbc9eeabcf&ismms2s=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=903d3c8dd2313523eb6284def3fe8db6&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=903d3c8dd2313523eb6284def3fe8db6&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:55 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=903d3c8dd2313523eb6284def3fe8db6&ismms2s=1
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 674C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=0&gdpr_consent=%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=5824489679850151208&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=5824489679850151208&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=5824489679850151208&gdpr=0&gdpr_consent=
date
Wed, 30 Aug 2023 21:17:55 GMT
content-length
0
sync
ads.servenobid.com/ Frame 674C 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=e6B-Ltp-Cp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame C9F4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 21:17:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 30 Aug 2023 21:17:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 9F4C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438&gdpr=0&gdpr_consent=%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.js
eus.rubiconproject.com/ Frame E547 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 13:28:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58211
Connection
keep-alive
Content-Length
10124
Expires
Thu, 31 Aug 2023 13:28:07 GMT
usync.js
eus.rubiconproject.com/ Frame C9F4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:17:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 13:28:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58211
Connection
keep-alive
Content-Length
10124
Expires
Thu, 31 Aug 2023 13:28:07 GMT
usersync
usersync.gumgum.com/ Frame E547
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLY8NSMS-J-C6EW
  • https://usersync.gumgum.com/usersync?b=mag&i=LLY8NSMS-J-C6EW
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LLY8NSMS-J-C6EW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LLY8NSMS-J-C6EW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
cs
cs.minutemedia-prebid.com/ Frame C9F4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LLY8NSMS-J-C6EW
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLY8NSMS-J-C6EW
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLY8NSMS-J-C6EW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east%26ismms2s%3D1
Protocol
H2
Server
54.247.40.125 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-40-125.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LLY8NSMS-J-C6EW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
cs
cs-server-s2s.yellowblue.io/ Frame 23C4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
date
Wed, 30 Aug 2023 21:17:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame 23C4
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=2ec0b6adcdcb81b9a679bf739d3f3cd1&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=2ec0b6adcdcb81b9a679bf739d3f3cd1&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.229.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-154.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:17:56 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=2ec0b6adcdcb81b9a679bf739d3f3cd1&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693430276320029-422
Expires
Wed, 30 Aug 2023 21:17:56 GMT
v1
match.sharethrough.com/universal/ Frame 23C4 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.60.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-60-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
sync
ads.servenobid.com/ Frame 23C4 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=Zpp-RtMzkp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame 3F80 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:56 GMT
an-x-request-uuid
34d04f9b-6f4c-466d-955c-65752c783942
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.107.237; 176.10.107.237; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A73F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je38s0&_p=715663053&cid=610378725.1693430272&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1693430271&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fsxanhomm&dt=Kompak4d%20Daftar%20Situs%20Penyedia%20Games%20Resmi%20Paling%20Lengkap%20-%20Pastelink.net&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:17:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A73F 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28169945&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
61866cec2ae664e4fa997617343a8b6f918d9acb40024cbed71def0dcac7593f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 30 Aug 2023 21:17:57 GMT
content-length
1388
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 4158 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 30 Aug 2023 21:17:58 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
a.tribalfusion.com/ Frame D8EF 		0
0
pub
matching.truffle.bid/sync/ Frame BB95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 21:17:58 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame 1CFF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1310393143
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1310393143
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 30 Aug 2023 21:17:58 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 30 Aug 2023 21:17:58 GMT
etag
RX977dc5cc75bb40faaf7c097cada75d38003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1310393143
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame ABD2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA90B719F30A43B2ADCE52BA483C8E27&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA90B719F30A43B2ADCE52BA483C8E27&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:17:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 30 Aug 2023 21:17:58 GMT
expires
Tue, 29 Aug 2023 21:17:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA90B719F30A43B2ADCE52BA483C8E27&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
u.4dex.io/ Frame 0582 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 30 Aug 2023 21:17:58 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
mw
mwzeom.zeotap.com/ Frame A73F 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:17:58 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ff01048db59bac1-MXP
access-control-allow-headers
*
content-length
95
info
uipglob.semasio.net/pubmatic/1/ Frame A73F 		0
0
generic
match.adsrvr.org/track/cmf/ Frame A73F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 21:17:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-8b3fa40f-7a60-37a4-8e93-510870631545&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS04YjNmYTQwZi03YTYwLTM3YTQtOGU5My01MTA4NzA2MzE1NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS04YjNmYTQwZi03YTYwLTM3YTQtOGU5My01MTA4NzA2MzE1NDUyAhgMOAE=&gdpr=&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=e_0ecb23f8-1981-4154-918f-3f2aa6e86866&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D%26ismms2s%3D1
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&sInitiator=external&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture function| $ function| jQuery function| Cookies object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| bsablockthrough object| bsagpt object| bsaheaderbid object| googletag object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s object| recaptcha object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| ggeac object| google_js_reporting_queue boolean| __bt_already_invoked undefined| google_measure_js_timing object| google_reactive_ads_global_state object| Criteo object| sas object| apntag object| _ADAGIO number| google_unique_id object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

177 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxD9FQ
i6.liadm.com/s Name: _li_ss
Value: CgA
pastelink.net/ Name: PHPSESSID
Value: pe5vt12soc0aphjfgovqmlk0bk
.pastelink.net/ Name: _gcl_au
Value: 1.1.140176826.1693430272
.pastelink.net/ Name: _gid
Value: GA1.2.1749860180.1693430272
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.pastelink.net/ Name: _ga
Value: GA1.1.610378725.1693430272
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1693430271.1.0.1693430271.0.0.0
.script.ac/ Name: __cf_bm
Value: IblKcwk7U1Rl80oEqGW.Kz7F2YfdIDvE3vv0Cw8L5FA-1693430272-0-AdZHrO92Ww+pDya3BeIB06kf3JnrRz6tNz848MH91dK9uOgMz4PeYC9c+k2kYSiVJVG0G72j/1b/U3kHd/1+eSQ=
.omnitagjs.com/ Name: ayl_visitor
Value: 903d3c8dd2313523eb6284def3fe8db6
.rubiconproject.com/ Name: khaos
Value: LLY8NSMS-J-C6EW
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 587752=5607197
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500016409%3B%24ql%3DHigh%3B%24qpc%3D6331%3B%24qt%3D73_82_98174t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 5824489679850151208
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500016409%3B%24ql%3DHigh%3B%24qpc%3D6331%3B%24qt%3D73_82_98174t%3B%24dma%3D0&c=1&l=1047347517&lo=1852618765&lt=638290270722890989&o=1
.doubleclick.net/ Name: IDE
Value: AHWqTUm31LTQf47ldGyWUw29obVshWLGMb1gTwU2U4HxreuY_Peij-yhuVUTfGpxnVw
.yahoo.com/ Name: A3
Value: d=AQABBACy72QCEFxxMUz9uCcB88O7udu5NjAFEgEBAQED8WT5ZAAAAAAA_eMAAA&S=AQAAAucqFhcfHiDQNgsqX9d26eY
.linkedin.com/ Name: bcookie
Value: "v=2&fce62276-3526-4571-8d94-dced13cf0a1f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTM0MzAyNzI7MjswMjGq4mWCQlHIij7gZ4j2y7X171aAjS4vN1Y5Rkc6h/Ur5A==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2988:u=1:x=1:i=1693430272:t=1693516672:v=2:sig=AQFmT7G87AUy4fXjV2goV_RoS5KY6d48"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AypZwdVLWEnUutquYampqDw
.pastelink.net/ Name: __gads
Value: ID=2fd8630f516f6c65:T=1693430272:RT=1693430272:S=ALNI_MZ5VlqxTiaPhlA2Ym34lzM-awJnbQ
.pastelink.net/ Name: __gpi
Value: UID=00000c92ac89fd28:T=1693430272:RT=1693430272:S=ALNI_MZFTY3ksF8ZaBM6VnTyl-GECvK3Kw
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1693430271.1.0.1693430273.0.0.0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221E1CB877-894F-44E6-A66C-920DFF96A005%22%7D
.ctnsnet.com/ Name: gid_CAESEIuTnwFzaM0LpgyoqQJpWcI
Value: 1
.blismedia.com/ Name: b
Value: 64EFB20139BCF0C384E51B2CBLIS
.adnxs.com/ Name: uuid2
Value: 8922632082486160958
.casalemedia.com/ Name: CMID
Value: ZO.yAfpKZJCuTs6y.s6EZQAA
.casalemedia.com/ Name: CMPS
Value: 3369
.casalemedia.com/ Name: CMPRO
Value: 3369
.3lift.com/ Name: tluid
Value: 967161821137818086545
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1693430273%2C%22utid%22%3A%227a7580507efef02ff107a833a2c886e2%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.turn.com/ Name: uid
Value: 6919021736534392851
.mathtag.com/ Name: mt_mop
Value: 4:1693430273
.quantserve.com/ Name: mc
Value: 64efb201-93b0a-77de7-490d6
.w55c.net/ Name: wfivefivec
Value: jCBdDzYt1QBszv5
.de17a.com/ Name: guid
Value: 1.4587697792382255801
.360yield.com/ Name: tuuid
Value: 1f9e37e5-8f83-4c0b-9eca-7bb613a30211
.360yield.com/ Name: tuuid_lu
Value: 1693430273
.w55c.net/ Name: matchgoogle
Value: 5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
.ctnsnet.com/ Name: cid
Value: 0166fe30a41c425d90071eb9630e91d5
.simpli.fi/ Name: suid
Value: AA90B719F30A43B2ADCE52BA483C8E27
.adfarm1.adition.com/ Name: UserID1
Value: 7273227640611928218
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tribalfusion.com/ Name: ANON_ID
Value: aLntuJpkijcDifqAbPsoyHigY0DVuJL5pRmggE1TvnZcrYxQEgIurbWpbZbYZaLxCCWe7LBjPttO2Xs3vDEIZbXhdZbWL
.lijit.com/ Name: ljt_reader
Value: HPUdrGZHRzlMC3YvQeOt9Aq4
.teads.tv/ Name: tt_viewer
Value: 694ad3e3-e1a8-4ce7-8a39-aedf1054098f
.bidswitch.net/ Name: c
Value: 1693430273
.bidswitch.net/ Name: tuuid
Value: e28551c6-183a-49d1-b6ab-b5e2b935f090
.bidswitch.net/ Name: tuuid_lu
Value: 1693430274
.bidswitch.net/ Name: google_push
Value: AXcoOmTyPcQuyLOEC9ZuukL43paY1yAO8ygNSk8tpaadXAFvxifqEapSJVv8Uy022Wijbk3zNrtlMT5HYCx8tk2062kGX6LB6pzP
.awin1.com/ Name: awpv14702
Value: 412871|1693430274|aef50720-477a-11ee-8c55-226543793aa5
.awin1.com/ Name: awpv20044
Value: 412871|1693430274|aef6dbe0-477a-11ee-b98b-2233369fc7ee
.awin1.com/ Name: awpv11354
Value: 412871|1693430274|aef702f0-477a-11ee-b98b-2233369fc7ee
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1693430274532
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: jSZU6ta5ECk0PNeoj61j5GnVApeKXjcHX1mCyfTWLI8-1693430274-0-Aecq5BDw+rDbHnnhaGhsQxppm10WjslYGzXa1j2PNV7eRaU4Frh7xnfhGeytrGqRgaypjJkQYJqvJI6HhR9GMGU=
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjkzNDMwMjc0dmxlYTFkZTIwMjMwODMwMjMxNzU0ODg0MzQxNjEwNzFYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023083023175488434161071X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjkzNDMwMjc0dmxlYTFkZTIwMjMwODMwMjMxNzU0ODg0MzQxNjEwNzFYMTE3NzAzVjEyMjYxMzI3MDJNU
.criteo.com/ Name: uid
Value: baeb0dad-ca75-4fe7-8cc6-bf9b405d830b
.pastelink.net/ Name: cto_bundle
Value: 2W07TF9hJTJCTmhud0VDUnZXVElZMll5bVhYN3lybE1UOHBUczJGY1d0NGtkN3ZMR0had2w3djVwM204Q2xJaGg0aXRnMmxXTWh2dzJnWCUyQmJkYmVSbDRSY2kyNVZWSVBTZiUyQmhkR2NOUXlta1d2UnFoRW9NajNUNEkwa05iTFgwZDZ5UWNScHlzNmQ0a2J4cE00SHdpSTRjRVg1WFElM0QlM0Q
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: DPSync3
Value: 1694563200%3A201_245_241_235
.quantserve.com/ Name: d
Value: EJsBDgHqKYEO-TA
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDgtMzBUMjE6MTc6NTIuMTk1MTM3MjE0WiIsImFwcG5leHVzIjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTUyMTAwODhaIiwiZXBsYW5uaW5nIjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTQ5NzkyMTFaIiwiZnJlZXdoZWVsIjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTUwOTc1NjFaIiwiaW1wcm92ZWRpZ2l0YWwiOiIyMDIzLTA4LTMwVDIxOjE3OjUyLjE5NTAzOTY2M1oiLCJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTUwMTk1MjZaIiwib25ldGFnIjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTUwNjQ1MThaIiwib3BlbngiOiIyMDIzLTA4LTMwVDIxOjE3OjUyLjE5NTA4NzQyM1oiLCJwdWJtYXRpYyI6IjIwMjMtMDgtMzBUMjE6MTc6NTIuMTk0OTg5ODg4WiIsInJ1Ymljb24iOiIyMDIzLTA4LTMwVDIxOjE3OjUyLjE5NTExMjQxOFoiLCJzbWFydCI6IjIwMjMtMDgtMzBUMjE6MTc6NTIuMTk0OTM4ODc0WiIsInNvdnJuIjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTUwMzA3OTRaIiwidHJpcGxlbGlmdCI6IjIwMjMtMDgtMzBUMjE6MTc6NTIuMTk1MTAyODU2WiIsInVucnVseSI6IjIwMjMtMDgtMzBUMjE6MTc6NTIuMTk0OTY2ODI4WiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiI4ZmMwNWZkZC1hNDNjLTQzODQtODc1ZS0zMzg3MDcwNGUzNmIiLCJleHBpcmVzIjoiMjAyMy0xMC0yOVQyMToxNzo1Mi4xOTQzOTY1NThaIn0sInB1Ym1hdGljIjp7InVpZCI6IjZGQzM2RTNFLUVCMEMtNDlFNi04QTlBLUI3NjRFMkJFNUM3MSIsImV4cGlyZXMiOiIyMDIzLTEwLTI5VDIxOjE3OjU1LjM5Mzc2MDEwNloifSwicnViaWNvbiI6eyJ1aWQiOiJMTFk4TlNNUy1KLUM2RVciLCJleHBpcmVzIjoiMjAyMy0xMC0yOVQyMToxNzo1Mi42NDIyMzYyNTVaIn19LCJiZGF5IjoiMjAyMy0wOC0zMFQyMToxNzo1Mi4xOTQzMTI1MTlaIn0=
.weborama.fr/ Name: AFFICHE_W
Value: UxRguVF9ou5T91
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_bb8590e6-5a03-49e1-9334-a963783a7bb5
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-6919021736534392851&KRTB&23150-6919021736534392851
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8922632082486160958&KRTB&23339-8922632082486160958
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7273227640611928218&KRTB&23369-7273227640611928218
.sitescout.com/ Name: ssi
Value: 64a79794-ccda-4083-84d7-13e1b48e04d1#1693430275474
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEO4FOPy7epHMWPGichQ5lBk&KRTB&23025-CAESEO4FOPy7epHMWPGichQ5lBk&KRTB&23386-CAESEO4FOPy7epHMWPGichQ5lBk
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4587697792382255801
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6&KRTB&19420-9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6&KRTB&22979-9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6&KRTB&23403-9WDSV6FmhwDubYRT8zWaBvQw0gbuYI4Bp2JZmaS6
.adform.net/ Name: C
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrM0NTQzMDKxNBbiM9T19wwvzjBK8s_OM_cHAJqgZi4lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrM0NTQzMDKxNBbiM9T19wwvzjBK8s_OM_cHAJqgZi4lAAAA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5MzQzMDI3NTUwMn0
.adsby.bidtheatre.com/ Name: __kuid
Value: f79f1f46-7cb1-440b-b765-73889023ef05.462644275
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e28551c6-183a-49d1-b6ab-b5e2b935f090
.csync.loopme.me/ Name: viewer_token
Value: 14301236-b30d-4572-89e2-566ced4d04ad
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZO_yAwAMosSvAQAb
.adform.net/ Name: uid
Value: 5695076676199403673
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084926951602493
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-64a79794-ccda-4083-84d7-13e1b48e04d1-64efb203-4348&KRTB&23418-64a79794-ccda-4083-84d7-13e1b48e04d1-64efb203-4348
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: c28efafee62e3c4f83505e281543f0a6
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAH7sG4QN45cANwbUvDAAAAAAA&KRTB&22713-AAAH7sG4QN45cANwbUvDAAAAAAA&KRTB&22715-AAAH7sG4QN45cANwbUvDAAAAAAA&KRTB&23519-AAAH7sG4QN45cANwbUvDAAAAAAA
.onaudience.com/ Name: cookie
Value: fa2a563ad4c3b4ca
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&KRTB&23413-6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&KRTB&23479-6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71&KRTB&23505-6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71
.bidr.io/ Name: bito
Value: AAEs7U7J32QAACVfjqi53Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5695076676199403673&KRTB&23263-5695076676199403673&KRTB&23481-5695076676199403673
.pubmatic.com/ Name: SPugT
Value: 1693430275
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-7AicPGkHMgXgVUYgQWjYhWjg
.adx.opera.com/ Name: UID
Value: OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU3e35cfeb36bd4288a3e0903ebcaaf1dc&KRTB&23485-OPU3e35cfeb36bd4288a3e0903ebcaaf1dc
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-31bb64a8-64dc-5b67-4dc2-b359441f1668.GCnrR7zuwdq2HEkfKwxIj3PGDzCUtK2jpJ8sDnw4t%2Bs
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-31bb64a8-64dc-5b67-4dc2-b359441f1668.GCnrR7zuwdq2HEkfKwxIj3PGDzCUtK2jpJ8sDnw4t%2Bs
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AMbtkqGTcW2dNwrNZRB8WaLAKa-0.2T1okwiZptvwgiOlRhpkXh9WRldW%2Fq4OomyPK9nDBo8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AMbtkqGTcW2dNwrNZRB8WaLAKa-0.2T1okwiZptvwgiOlRhpkXh9WRldW%2Fq4OomyPK9nDBo8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPdh__gmqzE14J-FNfYOvVUBlt7ZMP0Mi2YJWYCFxUJPEHwYBCCD5L6nBjABOgTwi70wQgQsdnxd.VozTWr6VgRjn9nR%2FPDlmNJ5xo%2BTT5hZuMYVf0hYFv2U
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPdh__gmqzE14J-FNfYOvVUBlt7ZMP0Mi2YJWYCFxUJPEHwYBCCD5L6nBjABOgTwi70wQgQsdnxd.VozTWr6VgRjn9nR%2FPDlmNJ5xo%2BTT5hZuMYVf0hYFv2U
.audrte.com/ Name: arcki2
Value: h822sXmtBc-Tn6-3Y-5PEnebA!20220908!1693430275753!ip#176.10.107.237
.audrte.com/ Name: arcki2_pubmatic
Value: 6FC36E3E-EB0C-49E6-8A9A-B764E2BE5C71!20220908!1693430275756
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-MbtkqGTcW2dNwrNZRB8WaLAKa-0&KRTB&23334-MbtkqGTcW2dNwrNZRB8WaLAKa-0&KRTB&23417-MbtkqGTcW2dNwrNZRB8WaLAKa-0&KRTB&23426-MbtkqGTcW2dNwrNZRB8WaLAKa-0
.openx.net/ Name: i
Value: 0fdb48c7-70d2-0927-3ea0-bdae00229264|1693430275
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlsYmxgZG5qamBwShyJb2FmBgBxMtBIIAAAAA
.gammaplatform.com/ Name: _aGeoIp
Value: PL|Boryszew
.gammaplatform.com/ Name: _aUID
Value: 1cih5oky3kh7
.servenobid.com/ Name: pid_317
Value: 5824489679850151208
.servenobid.com/ Name: pid_337
Value: y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
.servenobid.com/ Name: pid_339
Value: y-fCLm67BE2uFlF.1uXscF8b8Bozjr3xdi8KzD5n4-~A
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2dn9:196n~2dn9:175w~2dn9"
.servenobid.com/ Name: pid_324
Value: 5140084926951602493
.servenobid.com/ Name: pid_312
Value: 8922632082486160958
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1cih5oky3kh7&KRTB&23446-1cih5oky3kh7&KRTB&23465-1cih5oky3kh7
.servenobid.com/ Name: pid_333
Value: ZO-yAfpKZJCuTs6y-s6EZQAADSkAAAIB
.dotomi.com/ Name: DotomiTest
Value: 19896248db56182f
.audrte.com/ Name: arcki2_ddp2
Value: h822sXmtBc-Tn6-3Y-5PEnebA!20220908!1693430275903
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.gumgum.com/ Name: vst
Value: e_0ecb23f8-1981-4154-918f-3f2aa6e86866
.minutemedia-prebid.com/ Name: wrvUserID
Value: e6B-Ltp-Cp_mm
.servenobid.com/ Name: pid_310
Value: HPUdrGZHRzlMC3YvQeOt9Aq4
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_309
Value: e_0ecb23f8-1981-4154-918f-3f2aa6e86866
.contextweb.com/ Name: V
Value: qg7Lii2ClKXn
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ml4|7dN.0.AAEs7U7J32QAACVfjqi53Q
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0ce79a736d3320ab
.servenobid.com/ Name: pid_348
Value: e6B-Ltp-Cp_mm
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: SyncRTB3
Value: 1695945600%3A203%7C1694649600%3A35%7C1694563200%3A54_254_166_233_264_161_88_8_3_214_21_22_249_251_13_165_81_46_238_71_204_234_55_220_56%7C1693958400%3A15_2_223%7C1694217600%3A63
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEs7U7J32QAACVfjqi53Q
.pubmatic.com/ Name: PugT
Value: 1693430276
.creativecdn.com/ Name: u
Value: 60DwKxBWxnvwV0l2VsK3
.creativecdn.com/ Name: ts
Value: 1693430276
.metadsp.co.uk/ Name: ruuid
Value: d707e1c7-b780-4068-a04a-4fb217f1576b
.metadsp.co.uk/ Name: c
Value: 1693430276
.metadsp.co.uk/ Name: ruuid_lu
Value: 1693430276
.audrte.com/ Name: arcki2_adform
Value: 5695076676199403673!20220908!1693430276104
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003%22%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3ApWiYd2KmDhddzRzNhKqxSAVLsX05Jorv.0xM1SWof27w0fPyT8fVgKzr1jab43KXgJN34bkD33b4
.yellowblue.io/ Name: wrvUserID
Value: Zpp-RtMzkp_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-8b3fa40f-7a60-37a4-8e93-510870631545
.go.sonobi.com/ Name: __uis
Value: 5c1a50a0-08d1-4832-8f4f-67c491f6b8b7
.go.sonobi.com/ Name: HAPLB8G
Value: s8634|ZO+yB
.smartadserver.com/ Name: csync
Value: 100:c9fee066-4897-09bc-23e4-cb7a42167a5f|113:RX-977dc5cc-75bb-40fa-af7c-097cada75d38-003|117:903d3c8dd2313523eb6284def3fe8db6|124:14301236-b30d-4572-89e2-566ced4d04ad|127:AAEs7U7J32QAACVfjqi53Q
.servenobid.com/ Name: pid_352
Value: Zpp-RtMzkp_s
.servenobid.com/ Name: pid_332
Value: 5c1a50a0-08d1-4832-8f4f-67c491f6b8b7
.pubmatic.com/ Name: pi
Value: 161683:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: da6c0f14-7860-52f3-ad01-19cbc9eeabcf
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZO-yBAAEVWD0m1x40BiHdHNlSVmqvg0nQVLyzA==
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp/GA1aXOx257VTIkcAJPBTYJ/t7Cax7f2mWzqzko0aSce9urNNViFQeI6q4TmPyzcTZI9/Nf5XGCYbB5SW5XQ3mePgyV9QG0XQD5U7tEfUTQ==
.liadm.com/ Name: lidid
Value: 2b6d5a57-b95c-42b6-9a39-ca8f82b34810
.ipredictive.com/ Name: cu
Value: 7ef48c92-d570-43d6-b8b1-66effa0d224d|1693430276365
.servenobid.com/ Name: pid_323
Value: LLY8NSMS-J-C6EW
.zemanta.com/ Name: zuid
Value: 1z9pjnD7JadfE1GJpCmM
.outbrain.com/ Name: obuid
Value: d5520c84-5e0a-4b3a-90c9-7284d40b050f
.admanmedia.com/ Name: admtr
Value: 09b96458-8e5a-414a-b99b-c4233a8ad73e
.bluekai.com/ Name: bku
Value: ikG999u0ftEFw1QE
.bluekai.com/ Name: bkpa
Value: KJhz06aFLM9R9mO4Dtd3hTFQ+yBj7BYVoQD5gHDru0NLR0GMaJ4QgN2ttVc7JXdu+VmpOB2qdl2LbXifwdx4UqhZo78Bw1nbfPU1C3jrCIC2ccrcd96YM9Y4we5N57aFg3RqpzJIUCcQZtLsBlDV9E85qLlj+9iyBj4n05MppdBhM4yTKyvSgZJJ6t1HOk0vx6PJ0c1CMixwKYRY61Ok79UbMb2NLr1QegGxau2aoLMVkNuGDwXIJ3kTnZZ0RdrADC/WOTonGFyi/xWZt0GZ3uoPULC2ZZAaEOf0qc4zgYEn3f6Z/x+/GQFQbK0+fG4GlIpZUF3CdEJtigp84wT29YAOUq1=
.servenobid.com/ Name: pid_328
Value: 09b96458-8e5a-414a-b99b-c4233a8ad73e
.socdm.com/ Name: SOC
Value: ZO.yBMCo8XcAALUOgEsAAAAA

6 Console Messages

Source Level URL
Text
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9d62f737f9b4da272496b349cf8c02e0.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.travelaudience.com
ads.w55c.net
analytics.webgains.io
ap.lijit.com
api.btloader.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
brightcombid.marphezis.com
btloader.com
c1.adform.net
cadmus.script.ac
casale-match.dotomi.com
cat.fr3.eu.criteo.com
cdn.track.production.webgains.team
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csm.eu.criteo.net
csync.loopme.me
cti.w55c.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
ipac.ctnsnet.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.o2online.de
pastelink.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
prod-rtb.ad4mat.net
public.servenobid.com
pubmatic-match.dotomi.com
pv.medialead.de
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
srv.buysellads.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.hspvst.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
u.4dex.io
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
a.tribalfusion.com
cs.admanmedia.com
sync.adotmob.com
uipglob.semasio.net
104.18.39.155
124.146.215.49
130.211.23.194
141.94.171.213
141.94.171.216
141.95.171.141
142.250.184.226
143.204.9.59
145.239.193.130
147.75.84.158
151.101.66.49
151.139.128.10
154.58.197.185
167.233.13.224
172.217.23.102
178.128.135.204
178.250.7.11
178.250.7.13
178.250.7.9
18.157.60.246
18.170.168.253
18.185.199.180
18.196.113.49
18.208.74.11
18.66.147.120
184.30.25.51
185.184.8.90
185.255.84.151
185.255.84.153
185.29.134.244
185.64.189.112
185.64.190.81
185.64.191.210
185.86.138.154
185.86.139.104
185.89.210.122
188.166.17.21
188.42.196.115
193.0.160.130
193.108.153.21
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.205
2.16.97.13
2.18.96.175
2.18.96.187
2.20.213.154
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.180
216.52.2.16
216.52.2.91
23.197.120.249
23.218.208.23
23.218.210.30
23.35.228.23
23.88.86.2
2600:1901:0:76b9::
2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86
2600:9000:223f:a200:1f:4c18:bd40:93a1
2600:9000:2248:f000:3:4706:a6c0:93a1
2600:9000:2491:e600:1b:f040:3600:93a1
2602:803:c003:200::45
2606:4700:10::6816:1857
2606:4700:20::681a:71b
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:18ad
2606:4700::6812:372
2606:4700::6813:afbe
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::a
2a02:2638:d::c
2a02:fa8:8806:16::1370
2a05:d018:d29:3605:999f:1d55:f8df:b156
3.33.220.150
3.71.149.231
3.74.29.98
3.76.148.198
3.9.22.61
34.102.163.6
34.102.253.54
34.107.148.139
34.111.129.221
34.149.40.38
34.247.205.196
34.91.62.186
34.96.105.8
35.186.154.107
35.186.193.173
35.186.253.211
35.190.0.66
35.210.239.72
35.214.243.232
35.244.159.8
37.157.3.30
38.91.45.7
44.199.83.133
46.228.174.117
51.89.9.251
52.212.242.190
52.46.151.131
52.5.219.198
52.50.102.52
52.50.63.74
52.51.73.145
52.55.229.9
54.158.55.205
54.229.162.154
54.247.40.125
64.202.112.63
64.74.236.191
67.202.105.24
67.220.224.144
68.183.51.111
69.166.1.35
69.173.144.138
69.173.144.139
72.251.241.196
76.223.111.18
77.245.57.72
8.2.110.24
8.43.72.97
81.17.55.98
82.145.213.8
84.200.5.215
85.114.159.93
88.208.215.108
95.101.196.17
98.98.134.242
99.81.44.5
99.86.4.52
0032158dfb29e1afd725fb151ded5189a9e1996c249ecbc2d6eeefbd8ad7eace
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0625bd04ac8eb341b3ad0c018e4ef4435ab7bb0438e2d21389b41a5378199f32
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08b66b3d1901e7b8f93d782c608026836ff8f7fd6d6a1cadebfd83c55051b88f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
170ab86401feff6a2df3531940a64dfb77a020ce5057a7ef60f511b5de3e05ff
17cc10670fa12e05b9bfcb0c8c40c5a3306af72ce3cd1ba8173d33dba18b1430
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1877a9b6803ad2d3e571ec1890968930925647ff299a05354f9183ef46ce841b
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
1a5c2d3700359e1ca5e583e457f7e228e73fd71a78dee89a7af88ae97c22e602
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d0a2a479e152fa181f423c8ccd6d441c9fe5a5a5e63e513ec850b19d381a739
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
27f00d43c9c69c26af317feb614275349c0d9f0038a2a6982b96c4a5f5c107f3
28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1
2a48c4589a1b61b799474df790426db4c68b80c571d7bad1229b532330e93516
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332fe127faccfee262d5942df6721ba63712c60c5fbf6e8895689df79211146b
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
34a2d107c8068df21c0f422817cd6910b483446908e22f2397db1ebff94b6b16
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3af11ec6d7a483239243c924ce4edff802f3ffb7c4480f3c3e2c488fd0f21888
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6e2018c47182da6ac5c019a4b8387f1c4a4854a87c8fcc4a795f81c44b9d8e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
43a8155f706dee702d7dbe2c965573e87013f10444d8cb0336d9d34680fdf1f2
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
453ae3da6cd25f6e378df35d71e0e1f16fb35ff721e3777878e70261e70cd3ae
465952a91061837a1a9d91e7b4902471bd0c88822d4b6dd784283fd753e0072d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475cbbcfb5935ba12449a3338e34c730c8bb445f3c3c43e5c480f62b23486f91
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5a592c36c45d06463c0dd58ad22e3e524ed3e88d383f8899b1840328ce5604fe
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5b12f203acacba7dcc4b4ab6797cae2a25269189b019f5ceb1850e32425ad3d8
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d77b8182b153e46ddaa6f583d17dc648707bdfe12d9ac02b739fdc06a1592e8
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
5f9e5464e88224db3fd57ab68bb7799ef95f9fa19d6a193f5eab0f071a042f11
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61866cec2ae664e4fa997617343a8b6f918d9acb40024cbed71def0dcac7593f
61a7bec12b2ae830506041664f85b6dc1ead1cb6b3c80c555a0f827398c80286
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c9d2a98c2a676f850fcf195e62ec7d2c1c0312a3a0a76473da5e66d0dc52a0
65ea378dd2262ef5b076d65b7dfefe122b1f79133d8704aa736e29862b8b81d3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6768049734996e208dced2ceccecc38bcceae277bdbc46ac2087c4ddbbb055a0
69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af4a047b0d008cf83f703ee6add654184eac57f06dc2a3f9607fe566fba45ad
725c09cee8148a501fa4fdb355fa42fa68c156412f061bd752dc367978a82a71
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
78a8dff99b41c22a085869c33c176425890bc2403a678697c9edb2d80abc9b5f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e3dadb57f3477801617b666075f0d0e11e8d6f431a411e1c2bdad35bdfb462a
7fc02f04e8cee3ec0d61b321d17535c4ca99fbcc29cdde83c963ef82c7e90109
80b6730173ab2f8a05d7fa126220dbb7a94df519088cdf04db4403711e41a5b8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84365f96403717f07852dbae10c7ecf95efec2d4ad780a0dba238e11f7740136
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de110accfe1025599e27c953681e073acaed472e1249aabcdb827b6fd46fbcd
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b34452c32ec1393e9f2ae9d849683de6302ffad75c1ea07b272b2612a3e4608
9e7fe6ea59e27d119e6a7e9821064dfc4439f1419e7b6b312805c24d4c27c278
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5e5648e26f0e9d61356cf84183e1ef1b63cbc92caa8476aadbd04fecae44743
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
ae73a9cda4225e9fccf5fdc24fffa4037af8adab9499988923b850357a8f5d5f
afe11529cfc38dbc6bef6006e2eebc65d0b141e1676fd1ea39e2ad2f974b15d4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b305e2efe8274f4241467a9e90f7a26799ad94bc6205f184c24c32518279a09a
b4d1ca6bb03b1775aa76a17f0f9441409f448c1702e20552d288e6f7cabfef32
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
ba75fb198eac5ef867f86379f2eb81c52bb6e7ec4e83b1ff2a3e5c5301050d8b
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
c003778196f8454de16b92b7360e8b50d3d09c33db85c912ebd44cd812a33a2f
c053f64d614d4f15e36041bbbfdbbe18723041f7d4d483ae265471bf0efa9bdf
c0a800d0c6f8225c84b3326388a6147d7a92076d0c5eb5789ab32f2fc00a31b3
c0d0175d20f6a14e938ca166e68fbb341c81a2a1038fd71cb9542223e50f2dc4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c81f14e2bb3209ad75981c1843043f0a465d4c090f2313d0aa5398a7767ca9ba
c8590d1ff746101aed27ee901541ed60ce68e5c1925211610d25db1f23a62022
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd157894cbef391d71eb32ae16b29886c2b74cc1d3ab011670c913371762ced6
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7f3001fad53dc155ed9da610f3de947063ceece4f114a9d1bbb4013c46a5c8
d38e36b243d59eca2f54758553fd507605fa93431b16145729ca4fddd58e02f7
d4cfd2fd5b9a2e49995a92ac8c2eaeeea414abff1a14495aa209b5cafa31c19c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e26956c4beab5bd54dfa0654d6d09564c9884304c4b05bc17a1f2f601284eebe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f60dea365b21b13c09928aa55e0902faf0cc9f527513d62f3f7d2d192478572a
f98280ebf8b23278082c84b49f486cfa4692b7bb53be0adfb2cf659c75d1b2e5
faf116d1fff4f1e55aac673cdffd30bbf69a0f78c5588439509866e2e453032c
fca14affa2e3cfc6e2b060c2324930b4fb010c1080585b1cb1242fbbd19c7383
fd0aa72d80dd1c4e27ba8a0b7318c8f55cbd7c7353f882fe251bf0bdfb0c61c1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2